
MCP Server Security Checklist

Assess any MCP server before you connect it — a security scorecard covering source trust, least-privilege tool scope, secrets, OAuth, version pinning, egress, and monitoring, with a live risk score and copyable report.

## Why MCP servers need a security review

When you connect an MCP server, you are trusting its code, its operators, its dependencies, and everything it will ever return to your model. Tool descriptions are read by the model to decide what to call, and tool results are fed back into its context. Both are attacker-controllable if the server is malicious or compromised. This checklist gives you a fast, repeatable way to judge whether a server is safe enough to connect.

## What it covers

The scorecard groups controls into five areas:

- **Source and trust:** is the server from a known publisher, is the repository reputable, and have you checked for typosquatted or lookalike names?
- **Permissions and scope:** does the server request only the tools and access it actually needs, and are destructive actions gated behind human approval?
- **Secrets and auth:** are credentials kept out of plaintext config, and is OAuth scoped narrowly to avoid the confused-deputy problem?
- **Runtime and network:** is the server pinned to a verified version so it cannot silently change behavior in a rug pull, and is its network egress limited?
- **Monitoring and governance:** are tool calls logged, and is there an allowlist of approved servers?

## How to use it

Work through each item and check the ones your server satisfies. The tool computes a live risk score and a verdict band. Any unmet critical control forces a high-risk rating. When you are done, copy the report and attach it to a change ticket or review.

## Honest framing

MCP is not uniquely unsafe, but it widens the attack surface of an AI system. This checklist is a starting point for due diligence, not a guarantee. Re-review a server whenever it updates.

## Related

For the full background, read our breakdown of MCP security risks and how to mitigate them.
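The scoring rule described under "How to use it", written out as an added Python example (not the tool's own code): controls across the five areas carry a weight, the risk score is the share of weight left unmet, the verdict band follows the score, and any unmet critical control forces HIGH. The control wording follows the page; the weights, critical flags and band thresholds are assumptions.

```python
"""Checklist scorecard: weighted controls, critical gating, verdict band, report."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Control:
    area: str
    text: str
    weight: int              # added to the risk score when the control is unmet
    critical: bool = False   # an unmet critical control forces a HIGH verdict


# Weights and critical flags are assumed for this example, not the tool's values.
CONTROLS = [
    Control("Source and trust", "Known publisher and reputable repository", 3, True),
    Control("Source and trust", "Name checked for typosquats and lookalikes", 2),
    Control("Permissions and scope", "Requests only the tools and access it needs", 3, True),
    Control("Permissions and scope", "Destructive actions gated behind human approval", 3),
    Control("Secrets and auth", "Credentials kept out of plaintext config", 3, True),
    Control("Secrets and auth", "OAuth scoped narrowly (confused deputy)", 2),
    Control("Runtime and network", "Pinned to a verified version (no rug pull)", 3, True),
    Control("Runtime and network", "Network egress limited", 2),
    Control("Monitoring and governance", "Tool calls logged", 2),
    Control("Monitoring and governance", "Server is on the approved allowlist", 2),
]
BANDS = [(0, "LOW"), (25, "MEDIUM"), (50, "HIGH")]   # assumed lower bound of each band


def score(met: set[int]) -> tuple[int, str]:
    """Risk score 0-100 = unmet weight / total weight; critical misses force HIGH."""
    total = sum(c.weight for c in CONTROLS)
    unmet = [c for i, c in enumerate(CONTROLS) if i not in met]
    risk = round(100 * sum(c.weight for c in unmet) / total)
    band = next(name for lo, name in reversed(BANDS) if risk >= lo)
    if any(c.critical for c in unmet):
        band = "HIGH"
    return risk, band


def report(server: str, met: set[int]) -> str:
    """Copyable text report, one line per control, unmet criticals flagged."""
    risk, band = score(met)
    lines = [f"MCP server review: {server}", f"Risk score: {risk}/100  Verdict: {band}"]
    for i, c in enumerate(CONTROLS):
        flag = " (CRITICAL)" if c.critical and i not in met else ""
        lines.append(f"[{'x' if i in met else ' '}] {c.area}: {c.text}{flag}")
    return "\n".join(lines)


if __name__ == "__main__":
    # Constructed case: every control met except plaintext secrets (critical).
    print(report("example-server (constructed)", set(range(10)) - {4}))
```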

