f418a8fe08
Full port of llm-security plugin for internal use on Windows with GitHub Copilot CLI. Protocol translation layer (copilot-hook-runner.mjs) normalizes Copilot camelCase I/O to Claude Code snake_case format — all original hook scripts run unmodified. - 8 hooks with protocol translation (stdin/stdout/exit code) - 18 SKILL.md skills (Agent Skills Open Standard) - 6 .agent.md agent definitions - 20 scanners + 14 scanner lib modules (unchanged) - 14 knowledge files (unchanged) - 39 test files including copilot-port-verify.mjs (17 tests) - Windows-ready: node:path, os.tmpdir(), process.execPath, no bash Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
43 lines
1.1 KiB
Markdown
43 lines
1.1 KiB
Markdown
---
|
|
name: security-mcp-inspect
|
|
description: Connect to running MCP servers and scan live tool descriptions for injection, shadowing, and drift
|
|
---
|
|
|
|
# MCP Inspect
|
|
|
|
Live MCP server inspection — connect to running servers, scan tool descriptions.
|
|
|
|
## Step 1: Run Inspector
|
|
|
|
```bash
|
|
node <plugin-root>/scanners/mcp-live-inspect.mjs $ARGUMENTS
|
|
```
|
|
|
|
Supports `--timeout <ms>` and `--skip-global` flags.
|
|
|
|
## Step 2: Format Results
|
|
|
|
Parse JSON output. Display:
|
|
|
|
```
|
|
# MCP Live Inspection: [VERDICT]
|
|
|
|
Servers: N discovered, N contacted, N timed-out, N failed
|
|
|
|
## Server Details
|
|
|
|
| Server | Transport | Status | Tools | Findings |
|
|
|--------|-----------|--------|-------|----------|
|
|
[per-server row]
|
|
|
|
## Findings
|
|
|
|
[Findings table: severity, server, tool, description, evidence]
|
|
```
|
|
|
|
## Step 3: Advisory
|
|
|
|
- Timeouts: "Server did not respond within timeout. May be SSE-based (unsupported for live inspection) or not running."
|
|
- No servers found: "No MCP servers detected. Check configuration."
|
|
- Clean: "All servers passed live inspection."
|
|
- Findings: "Review findings. Combine with `mcp-audit` for static analysis."
|