MCP Security Audit Report
Header
| Field | Value |
|---|---|
| Audit scope | [List of MCP config files examined — e.g. .mcp.json, ~/.claude/settings.json] |
| Servers found | [count] |
| Audit date | [ISO 8601 — e.g. 2026-02-19] |
| Auditor | llm-security v[X.X] — mcp-scanner-agent |
| Analysis phases | Tool descriptions, Source code, Dependencies, Configuration, Rug pull detection |
MCP Landscape Summary
| Server | Source | Transport | Trust Rating | Critical | High | Medium | Low |
|---|---|---|---|---|---|---|---|
| [server-name] | [local path / npx package / remote URL] | stdio / sse | [Trusted/Cautious/Untrusted/Dangerous] | [n] | [n] | [n] | [n] |
Overall MCP Risk: [Low / Medium / High / Critical]
Per-Server Analysis
Server: [server-name]
| Field | Value |
|---|---|
| Transport | stdio / sse |
| Command/URL | [command and args, or URL] |
| Source | [resolved path or "remote package"] |
| Trust Rating | [Trusted / Cautious / Untrusted / Dangerous] |
Findings:
| # | Severity | Category | Description | OWASP Ref |
|---|---|---|---|---|
| 1 | [Critical/High/Medium/Low] | [Category name] | [Finding description] | [LLM0X or ASI0X] |
Evidence:
[Exact code or config excerpt — file:line reference. Redact actual secret values.]
Recommendations:
- [Specific, actionable fix per finding]
[Repeat per-server section for each server discovered]
Overall MCP Risk Assessment
Risk Rating: [Low / Medium / High / Critical]
| Criterion | Description |
|---|---|
| Low | All servers Trusted or Cautious, no High+ findings |
| Medium | One or more Cautious servers with High findings |
| High | One or more Untrusted servers |
| Critical | Any server rated Dangerous |
Recommendations
Keep (no action required)
[server-name] — Trusted, [n] Low findings only. [Brief positive note.]
Review before next session
[server-name] — [Cautious/Untrusted], [specific concern to investigate]
Remove or disable immediately
[server-name] — Dangerous: [one-line critical finding summary]
If all servers are Trusted with no High+ findings, write: "All MCP servers passed trust verification. No action required."
Footer
| Field | Value |
|---|---|
| llm-security version | [e.g. 0.1.0] |
| Assessment engine | mcp-scanner-agent (5-phase analysis) |
| OWASP references | LLM Top 10 (2025), Agentic AI Top 10 |
| Config files scanned | [comma-separated list of files read] |
| Report generated | [ISO 8601 timestamp] |