---
name: security:mcp-baseline-reset
description: Reset MCP description baseline cache
allowed-tools: Read, Bash, AskUserQuestion
model: sonnet
---

# /security mcp-baseline-reset

Reset the sticky description baseline used by `post-mcp-verify.mjs` for cumulative-drift detection (E14, OWASP MCP05).

## Why this matters

The cache stores a per-tool **baseline** description plus a rolling 10-event history. Cumulative drift is measured as `levenshtein(current, baseline) / max(|current|, |baseline|)`; when the ratio crosses the threshold (default 0.25), `post-mcp-verify.mjs` emits a MEDIUM `mcp-cumulative-drift` advisory.

After a **legitimate** MCP server upgrade the old baseline is stale — every subsequent call will keep tripping the advisory. Reset the baseline once to acknowledge the upgrade. The next MCP invocation will seed a fresh baseline from the new description.

Resetting **removes the slow-burn detection window** for that server until the new baseline is established. Only do this for upgrades you trust.

## Step 1 — List current baselines

Run the listing CLI in read-only mode:

```bash
node /scanners/mcp-baseline-reset.mjs --list
```

Parse the JSON `baselines[]` array. If `count == 0`, report "No baselines stored yet" and stop.

## Step 2 — Confirm scope

Use `AskUserQuestion` to confirm the user's intent:

- Question: "Reset which baselines?"
- Options derived from Step 1's output:
  - "All baselines (N tools)" — clears every entry
  - One option per tool, e.g. `mcp__tavily__tavily_search`
  - "Cancel" — abort

## Step 3 — Execute

If the user picked **all**:

```bash
node /scanners/mcp-baseline-reset.mjs
```

If the user picked a specific tool:

```bash
node /scanners/mcp-baseline-reset.mjs --target
```

Capture stdout JSON.

## Step 4 — Confirm result

Report from the JSON response:

```
Cleared baseline(s):
  -
  -
  ...
Remaining baselines:
```

Add a one-line reminder: "The next MCP call to each cleared tool will seed a fresh baseline from the incoming description."

## Notes

- The CLI exits 0 even when nothing was cleared (idempotent).
- History entries are **preserved** across reset for audit purposes.
- This command does not connect to MCP servers — it only mutates the local cache at `~/.cache/llm-security/mcp-descriptions.json`.
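
The drift ratio and sticky-baseline behaviour described under "Why this matters", as an added example that is not the code of `post-mcp-verify.mjs` or `mcp-baseline-reset.mjs`. The in-memory cache shape, the function names, the `>=` comparison, the tool name `mcp__example__search` and the sample descriptions are assumptions constructed for illustration. It shows each small change staying under 0.25 against the previous description while the ratio against the fixed baseline crosses it, and a reset seeding a fresh baseline while history is kept.

```javascript
// Added illustration; cache shape and names are assumptions, not the project's format.
const THRESHOLD = 0.25;   // default threshold stated on the page
const HISTORY_LIMIT = 10; // rolling history size stated on the page

// Two-row Levenshtein edit distance.
function levenshtein(a, b) {
  let prev = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    const cur = [i];
    for (let j = 1; j <= b.length; j++) {
      const cost = a[i - 1] === b[j - 1] ? 0 : 1;
      cur[j] = Math.min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost);
    }
    prev = cur;
  }
  return prev[b.length];
}

// levenshtein(current, baseline) / max(|current|, |baseline|)
function driftRatio(current, baseline) {
  const longest = Math.max(current.length, baseline.length);
  return longest === 0 ? 0 : levenshtein(current, baseline) / longest;
}

// Record one description. The baseline is seeded once and then stays fixed.
function observe(cache, tool, description) {
  const entry = cache[tool] || (cache[tool] = { baseline: null, history: [] });
  const previous = entry.history.length ? entry.history[entry.history.length - 1] : description;
  if (entry.baseline === null) entry.baseline = description;
  entry.history = entry.history.concat(description).slice(-HISTORY_LIMIT);
  const vsBaseline = driftRatio(description, entry.baseline);
  const vsPrevious = driftRatio(description, previous);
  return { vsPrevious, vsBaseline, advisory: vsBaseline >= THRESHOLD }; // ">=" assumed
}

// Reset drops only the baseline; history is preserved for audit.
const resetBaseline = (cache, tool) => { if (cache[tool]) cache[tool].baseline = null; };

// Constructed sample: a description that grows a few characters per event.
const BASE = "Search the web and return top snippets.";
const SAMPLE = [BASE, BASE + " Cached.", BASE + " Cached. Sorted.", BASE + " Cached. Sorted. Paged."];

function demo(tool = "mcp__example__search") {
  const cache = {};
  const before = SAMPLE.map((d) => observe(cache, tool, d));
  resetBaseline(cache, tool);
  const after = observe(cache, tool, SAMPLE[3]);
  return { before, after, historyLength: cache[tool].history.length };
}
```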