ktg-plugin-marketplace/plugins/llm-security-copilot/templates/archive/mcp-audit-report.md
Kjell Tore Guttormsen f418a8fe08 feat(llm-security-copilot): port llm-security v5.1.0 to GitHub Copilot CLI
Full port of llm-security plugin for internal use on Windows with GitHub
Copilot CLI. Protocol translation layer (copilot-hook-runner.mjs)
normalizes Copilot camelCase I/O to Claude Code snake_case format — all
original hook scripts run unmodified.

- 8 hooks with protocol translation (stdin/stdout/exit code)
- 18 SKILL.md skills (Agent Skills Open Standard)
- 6 .agent.md agent definitions
- 20 scanners + 14 scanner lib modules (unchanged)
- 14 knowledge files (unchanged)
- 39 test files including copilot-port-verify.mjs (17 tests)
- Windows-ready: node:path, os.tmpdir(), process.execPath, no bash

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-09 21:56:10 +02:00


# MCP Security Audit Report

## Header

| Field | Value |
|---|---|
| Audit scope | [List of MCP config files examined — e.g. `.mcp.json`, `~/.claude/settings.json`] |
| Servers found | [count] |
| Audit date | [ISO 8601 — e.g. 2026-02-19] |
| Auditor | llm-security v[X.X] — mcp-scanner-agent |
| Analysis phases | Tool descriptions, Source code, Dependencies, Configuration, Rug pull detection |

## MCP Landscape Summary

| Server | Source | Transport | Trust Rating | Critical | High | Medium | Low |
|---|---|---|---|---|---|---|---|
| [server-name] | [local path / npx package / remote URL] | stdio / sse | [Trusted/Cautious/Untrusted/Dangerous] | [n] | [n] | [n] | [n] |

Overall MCP Risk: [Low / Medium / High / Critical]


## Per-Server Analysis

### Server: [server-name]

| Field | Value |
|---|---|
| Transport | stdio / sse |
| Command/URL | [command and args, or URL] |
| Source | [resolved path or "remote package"] |
| Trust Rating | [Trusted / Cautious / Untrusted / Dangerous] |

Findings:

| # | Severity | Category | Description | OWASP Ref |
|---|---|---|---|---|
| 1 | [Critical/High/Medium/Low] | [Category name] | [Finding description] | [LLM0X or ASI0X] |

Evidence:

[Exact code or config excerpt — file:line reference. Redact actual secret values.]

Recommendations:

- [Specific, actionable fix per finding]

[Repeat the per-server section for each server discovered]


## Overall MCP Risk Assessment

Risk Rating: [Low / Medium / High / Critical]

| Criterion | Description |
|---|---|
| Low | All servers Trusted or Cautious, no High+ findings |
| Medium | One or more Cautious servers with High findings |
| High | One or more Untrusted servers |
| Critical | Any server rated Dangerous |
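The landscape summary and the risk criteria above are mechanical enough to fill from code. The following is an added example (not part of the llm-security plugin or the mcp-scanner-agent) showing how a report generator could inventory servers from an MCP config file and derive the Overall MCP Risk from per-server trust ratings and finding severities. It assumes the common `mcpServers` map layout for `.mcp.json`, treats a `url` entry as sse transport and a `command` entry as stdio, and uses a constructed sample config; the `ServerAssessment`, `Finding`, `overall_risk` and `landscape_rows` names are this example's own. One point the criteria table leaves open is a Trusted server that nevertheless carries a High+ finding; the helper rates that Medium (an assumption, noted in the code) rather than letting it fall through to Low.

```python
"""Helpers for filling the MCP audit report template (added example):
inventory servers from an MCP config and compute the Overall MCP Risk."""
import json
from dataclasses import dataclass, field
from typing import Dict, List, Tuple

SEVERITIES = ["Low", "Medium", "High", "Critical"]
TRUST_RATINGS = ["Trusted", "Cautious", "Untrusted", "Dangerous"]


@dataclass
class Finding:
    severity: str       # one of SEVERITIES
    category: str
    description: str
    owasp_ref: str      # "LLM0X" or "ASI0X" style reference, as in the template


@dataclass
class ServerAssessment:
    name: str
    source: str
    transport: str
    trust: str          # one of TRUST_RATINGS
    findings: List[Finding] = field(default_factory=list)

    def count(self, severity: str) -> int:
        return sum(1 for f in self.findings if f.severity == severity)

    def has_high_or_above(self) -> bool:
        high = SEVERITIES.index("High")
        return any(SEVERITIES.index(f.severity) >= high for f in self.findings)


def classify_source(entry: Dict) -> Tuple[str, str]:
    """Return (source, transport) for one entry of an mcpServers map.
    Assumption: a 'url' key means a remote sse server; otherwise stdio."""
    if "url" in entry:
        return entry["url"], "sse"
    cmd = entry.get("command", "")
    args = entry.get("args", [])
    if cmd == "npx":
        # first non-flag argument is the package being launched
        pkg = next((a for a in args if not a.startswith("-")), "<unknown package>")
        return f"npx package {pkg}", "stdio"
    # an interpreter running a script: report the script path, else the command
    path = args[0] if args and cmd in ("node", "python", "python3") else cmd
    return f"local path {path}", "stdio"


def inventory(config_text: str) -> List[Tuple[str, str, str]]:
    """Rows of (server name, source, transport), sorted by name."""
    servers = json.loads(config_text).get("mcpServers", {})
    return [(name, *classify_source(entry)) for name, entry in sorted(servers.items())]


def overall_risk(servers: List[ServerAssessment]) -> str:
    """Apply the Criterion table, most severe rule first."""
    if any(s.trust == "Dangerous" for s in servers):
        return "Critical"
    if any(s.trust == "Untrusted" for s in servers):
        return "High"
    if any(s.has_high_or_above() for s in servers):
        # Table: Cautious + High findings => Medium. A Trusted server with a
        # High+ finding is not covered by the table; this example (assumption)
        # also rates it Medium so a High finding never produces a Low report.
        return "Medium"
    return "Low"


def landscape_rows(servers: List[ServerAssessment]) -> str:
    """Render the MCP Landscape Summary table in markdown."""
    rows = ["| Server | Source | Transport | Trust Rating | Critical | High | Medium | Low |",
            "|---|---|---|---|---|---|---|---|"]
    for s in servers:
        rows.append("| {} | {} | {} | {} | {} | {} | {} | {} |".format(
            s.name, s.source, s.transport, s.trust,
            s.count("Critical"), s.count("High"), s.count("Medium"), s.count("Low")))
    return "\n".join(rows)


# Constructed sample config (not a real project's file); package and host are placeholders.
SAMPLE_CONFIG = json.dumps({
    "mcpServers": {
        "files": {"command": "npx", "args": ["-y", "example-mcp-files"]},
        "helper": {"command": "node", "args": ["./tools/helper-server.js"]},
        "docs": {"url": "https://mcp.example.invalid/sse"},
    }
})

if __name__ == "__main__":
    assessed = [
        ServerAssessment(name, source, transport, "Cautious",
                         [Finding("High", "Dependencies", "unpinned package", "LLM03")]
                         if source.startswith("npx") else [])
        for name, source, transport in inventory(SAMPLE_CONFIG)
    ]
    print(landscape_rows(assessed))
    print("Overall MCP Risk:", overall_risk(assessed))
```

The per-server trust rating itself comes from the scanner's five analysis phases and is supplied by the auditor; this helper only turns those ratings and findings into the summary table and the overall rating.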

## Recommendations

### Keep (no action required)

- [server-name] — Trusted, [n] Low findings only. [Brief positive note.]

### Review before next session

- [server-name] — [Cautious/Untrusted], [specific concern to investigate]

### Remove or disable immediately

- [server-name] — Dangerous: [one-line critical finding summary]

If all servers are Trusted with no High+ findings, write: "All MCP servers passed trust verification. No action required."


| Field | Value |
|---|---|
| llm-security version | [e.g. 0.1.0] |
| Assessment engine | mcp-scanner-agent (5-phase analysis) |
| OWASP references | LLM Top 10 (2025), Agentic AI Top 10 |
| Config files scanned | [comma-separated list of files read] |
| Report generated | [ISO 8601 timestamp] |