Awesome MCP Security
@AIM-Intelligence
关于 Awesome MCP Security
Security Threats related with MCP (Model Context Protocol), MCP Servers and more
基本信息
配置
工具
未检测到工具
工具是从 README 中自动提取的。维护者可以在 ## Tools 标题下列出工具,即可填充这部分内容。
概览
What is Awesome MCP Security?
A curated list of resources, papers, and tools focused on the security of the Model Context Protocol (MCP). It aggregates scholarly papers, documented vulnerabilities, security tools, articles, blog posts, and other useful references for researchers, developers, and security professionals.
How to use Awesome MCP Security?
Browse the curated sections—Papers, Security Vulnerabilities, Tools, Articles and Blog Posts, etc.—to find relevant MCP security resources. To contribute, read the Contribution Guidelines (CONTRIBUTING.md) before submitting additions.
Key features of Awesome MCP Security
- Covers academic papers on MCP security threats and mitigation.
- Documents real-world security vulnerabilities like OAuth token theft and prompt injection.
- Lists security tools such as MCP-scan, MCP-Shield, and MCP Guardian.
- Includes articles and blog posts from industry experts and research teams.
- Curates other awesome projects like Awesome LLM Security and official MCP resources.
Use cases of Awesome MCP Security
- Researchers looking for relevant academic papers on MCP security.
- Developers wanting to understand and mitigate MCP vulnerabilities.
- Security professionals evaluating MCP server safety and tooling.
- Anyone learning about the Model Context Protocol security landscape.
FAQ from Awesome MCP Security
What is the goal of this list?
To curate awesome resources, papers, and tools specifically focused on MCP security.
What types of resources are included?
Papers, security vulnerabilities, tools, articles, blog posts, and other useful resources such as newsletter episodes.
How can I contribute to this list?
Read the Contribution Guidelines (CONTRIBUTING.md) before making any contributions.
Are there security tools listed for testing MCP servers?
Yes, tools like MCP-scan, MCP-Shield, MCP Guardian, and Damn Vulnerable MCP Server are included for security testing and scanning.
What security vulnerabilities are documented?
The list covers authentication/authorization issues (e.g., OAuth token theft, permission boundary problems), prompt injection attacks (tool description manipulation, indirect injection), and supply chain risks (installer validation, tool name conflicts).
开发工具 分类下的更多 MCP 服务器
MCP Inspector
modelcontextprotocolVisual testing tool for MCP servers
MCP Framework
QuantGeekDevThe Typescript MCP Framework
TalkToFigma
sonnylazuardiTalkToFigma: MCP integration between AI Agent (Cursor, Claude Code, Codex) and Figma, allowing Agentic AI to communicate with Figma for reading designs and modifying them programmatically.
MCP Unity Editor (Game Engine)
CoderGamesterModel Context Protocol (MCP) plugin to connect with Unity Editor — designed for Cursor, Claude Code, Codex, Windsurf and other IDEs
JetBrains MCP Proxy Server
JetBrainsA model context protocol server to work with JetBrains IDEs: IntelliJ, PyCharm, WebStorm, etc. Also, works with Android Studio
评论