概要
What is Awesome MCP Security?
A curated list of resources, papers, and tools focused on the security of the Model Context Protocol (MCP). It aggregates scholarly papers, documented vulnerabilities, security tools, articles, blog posts, and other useful references for researchers, developers, and security professionals.
How to use Awesome MCP Security?
Browse the curated sections—Papers, Security Vulnerabilities, Tools, Articles and Blog Posts, etc.—to find relevant MCP security resources. To contribute, read the Contribution Guidelines (CONTRIBUTING.md) before submitting additions.
Key features of Awesome MCP Security
- Covers academic papers on MCP security threats and mitigation.
- Documents real-world security vulnerabilities like OAuth token theft and prompt injection.
- Lists security tools such as MCP-scan, MCP-Shield, and MCP Guardian.
- Includes articles and blog posts from industry experts and research teams.
- Curates other awesome projects like Awesome LLM Security and official MCP resources.
Use cases of Awesome MCP Security
- Researchers looking for relevant academic papers on MCP security.
- Developers wanting to understand and mitigate MCP vulnerabilities.
- Security professionals evaluating MCP server safety and tooling.
- Anyone learning about the Model Context Protocol security landscape.
FAQ from Awesome MCP Security
What is the goal of this list?
To curate awesome resources, papers, and tools specifically focused on MCP security.
What types of resources are included?
Papers, security vulnerabilities, tools, articles, blog posts, and other useful resources such as newsletter episodes.
How can I contribute to this list?
Read the Contribution Guidelines (CONTRIBUTING.md) before making any contributions.
Are there security tools listed for testing MCP servers?
Yes, tools like MCP-scan, MCP-Shield, MCP Guardian, and Damn Vulnerable MCP Server are included for security testing and scanning.
What security vulnerabilities are documented?
The list covers authentication/authorization issues (e.g., OAuth token theft, permission boundary problems), prompt injection attacks (tool description manipulation, indirect injection), and supply chain risks (installer validation, tool name conflicts).