From 75603e3f4bb8567fe75d2fe7e15ed50e3cd8cbdf Mon Sep 17 00:00:00 2001
From: David McHale
Date: Tue, 19 May 2026 06:12:03 -0600
Subject: [PATCH 1/2] chore: add files field, expand README, add bundlephobia badge
---
 README.md | 58 ++++++++++++++++++++++++++--------------------------
 package.json | 5 +++++
 2 files changed, 34 insertions(+), 29 deletions(-)
diff --git a/README.md b/README.md
index 0d2ffe9..23ba941 100644
--- a/README.md
+++ b/README.md
@@ -1,41 +1,41 @@ # @hailbytes/mcp-security-scanner -> Scans Model Context Protocol (MCP) server configurations for common security issues. +> Scans Model Context Protocol (MCP) server configurations for common security issues: overprivileged tools, missing auth, prompt injection surface, and unsafe defaults. [![npm version](https://img.shields.io/npm/v/%40hailbytes%2Fmcp-security-scanner.svg)](https://www.npmjs.com/package/%40hailbytes%2Fmcp-security-scanner) [![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](LICENSE) +[![Bundle Size](https://img.shields.io/bundlephobia/minzip/%40hailbytes%2Fmcp-security-scanner)](https://bundlephobia.com/package/@hailbytes/mcp-security-scanner) --- -## Overview +## What it does -`@hailbytes/mcp-security-scanner` audits MCP server configurations and running endpoints for: - -- **Overprivileged tools** — tools granted broader permissions than their declared function requires -- **Missing or weak authentication** — unauthenticated transports, missing token validation -- **Prompt injection surface** — tool descriptions or output paths susceptible to injection -- **Unsafe defaults** — insecure transport defaults, verbose error exposure, CORS wildcards - -> Part of HailBytes' MCP security research initiative. See [hailbytes.com/mcp](https://hailbytes.com/mcp) for our MCP server documentation. +Audit MCP server configurations and endpoints for the most common AI security mistakes — overprivileged tools, missing authentication, prompt injection attack surface, and insecure transport defaults. Integrates into CI/CD as a gate or run on-demand via CLI. --- -## Who Is This For +## Install -Security engineers, platform teams, and AI/LLM developers who build or operate MCP servers and want automated, continuous security checks integrated into their CI/CD pipelines. 
+```bash +npm install -g @hailbytes/mcp-security-scanner +# or use directly via npx +npx @hailbytes/mcp-security-scanner ./mcp-config.json +``` --- -## API +## Quick Start ### CLI ```bash -npx @hailbytes/mcp-security-scanner - -# Examples +# Scan a local config file npx @hailbytes/mcp-security-scanner ./mcp-config.json + +# Scan a running MCP server endpoint npx @hailbytes/mcp-security-scanner https://my-mcp-server.example.com + +# Output SARIF for GitHub Code Scanning + fail on findings npx @hailbytes/mcp-security-scanner ./config.json --output=sarif --exit-code ``` 
@@ -44,29 +44,29 @@ npx @hailbytes/mcp-security-scanner ./config.json --output=sarif --exit-code ```ts import { scan } from "@hailbytes/mcp-security-scanner"; -const report: SecurityReport = await scan({ - configPath: "./mcp-config.json", - // or serverUrl: "https://..." -}); +const report = await scan({ configPath: "./mcp-config.json" }); -console.log(report.findings); // Finding[] -console.log(report.score); // 0–100 risk score -console.log(report.passed); // boolean +console.log(report.findings); // Finding[] — individual security issues +console.log(report.score); // 0–100 risk score (lower = riskier) +console.log(report.passed); // boolean — use as CI gate ``` --- -## See Also +## What It Checks -- [@hailbytes/mcp-server-template](https://github.com/HailBytes/mcp-server-template) — production-ready MCP server scaffold +- **Overprivileged tools** — tools granted broader permissions than their declared function requires +- **Missing or weak authentication** — unauthenticated transports, missing token validation +- **Prompt injection surface** — tool descriptions or output paths susceptible to injection +- **Unsafe defaults** — insecure transport defaults, verbose error exposure, CORS wildcards --- -## Links +## See Also + +- [`@hailbytes/mcp-server-template`](https://github.com/HailBytes/mcp-server-template) — production-ready MCP server scaffold with auth built-in +- [HailBytes MCP documentation](https://hailbytes.com/mcp) -- [hailbytes.com](https://hailbytes.com) -- [hailbytes.com/mcp](https://hailbytes.com/mcp) — MCP server documentation -- [GitHub Issues](https://github.com/HailBytes/mcp-security-scanner/issues) --- *Part of the [HailBytes](https://hailbytes.com) open-source security toolkit.* diff --git a/package.json b/package.json index 2ee0265..752aff6 100644 --- a/package.json +++ b/package.json 
@@ -35,6 +35,11 @@
 "types": "./dist/index.d.ts"
 }
 },
+ "files": [
+ "dist",
+ "README.md",
+ "LICENSE"
+ ],
 "scripts": {
 "build": "tsc",
 "typecheck": "tsc --noEmit",
From 9acc2ce1b4401e27a9541d6fb7649f3df4addbb8 Mon Sep 17 00:00:00 2001
From: David McHale
Date: Tue, 19 May 2026 06:42:26 -0600
Subject: [PATCH 2/2] chore: bump to v1.0.1
---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/package.json b/package.json
index 752aff6..0418795 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@hailbytes/mcp-security-scanner",
- "version": "0.0.1",
+ "version": "1.0.1",
 "description": "Scans MCP server configurations for common security issues: overprivileged tools, missing auth, prompt injection surface, unsafe defaults.",
 "type": "module",
 "license": "MIT",
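Review bot: The new `files` allowlist makes `dist` the only code that reaches the registry, but nothing in the hunk guarantees `dist` is rebuilt before `npm publish`; the `scripts` block continues outside the hunk, so if it has no `prepack` or `prepublishOnly` hook, a publish from a stale or absent `dist` would ship outdated or empty code under the freshly bumped version. Adding `"prepack": "npm run build"` next to `"build": "tsc"` closes that gap, and an `npm pack --dry-run` step in CI confirms the tarball holds exactly `dist`, `package.json`, `README.md` and `LICENSE`. npm always includes `package.json`, the README and the LICENSE file regardless of `files`, so the two explicit entries are harmless but redundant. Restricting the published artifact to `dist` is the right call from a supply-chain standpoint, since it keeps `.env` files, test fixtures and local tooling out of the package.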