MCP.so
登录

Awesome MCP Security

@AIM-Intelligence

关于 Awesome MCP Security

Security Threats related with MCP (Model Context Protocol), MCP Servers and more

基本信息

分类

开发工具

传输方式

stdio

发布者

AIM-Intelligence

配置

暂无标准配置

该服务器的 README 中没有可解析的 MCP 配置块,请前往代码仓库查看安装说明。

代码仓库

工具

未检测到工具

工具是从 README 中自动提取的。维护者可以在 ## Tools 标题下列出工具,即可填充这部分内容。

概览

What is Awesome MCP Security?

A curated list of resources, papers, and tools focused on the security of the Model Context Protocol (MCP). It aggregates scholarly papers, documented vulnerabilities, security tools, articles, blog posts, and other useful references for researchers, developers, and security professionals.

How to use Awesome MCP Security?

Browse the curated sections—Papers, Security Vulnerabilities, Tools, Articles and Blog Posts, etc.—to find relevant MCP security resources. To contribute, read the Contribution Guidelines (CONTRIBUTING.md) before submitting additions.

Key features of Awesome MCP Security

  • Covers academic papers on MCP security threats and mitigation.
  • Documents real-world security vulnerabilities like OAuth token theft and prompt injection.
  • Lists security tools such as MCP-scan, MCP-Shield, and MCP Guardian.
  • Includes articles and blog posts from industry experts and research teams.
  • Curates other awesome projects like Awesome LLM Security and official MCP resources.

Use cases of Awesome MCP Security

  • Researchers looking for relevant academic papers on MCP security.
  • Developers wanting to understand and mitigate MCP vulnerabilities.
  • Security professionals evaluating MCP server safety and tooling.
  • Anyone learning about the Model Context Protocol security landscape.

FAQ from Awesome MCP Security

What is the goal of this list?

To curate awesome resources, papers, and tools specifically focused on MCP security.

What types of resources are included?

Papers, security vulnerabilities, tools, articles, blog posts, and other useful resources such as newsletter episodes.

How can I contribute to this list?

Read the Contribution Guidelines (CONTRIBUTING.md) before making any contributions.

Are there security tools listed for testing MCP servers?

Yes, tools like MCP-scan, MCP-Shield, MCP Guardian, and Damn Vulnerable MCP Server are included for security testing and scanning.

What security vulnerabilities are documented?

The list covers authentication/authorization issues (e.g., OAuth token theft, permission boundary problems), prompt injection attacks (tool description manipulation, indirect injection), and supply chain risks (installer validation, tool name conflicts).

评论

开发工具 分类下的更多 MCP 服务器