Skip to main content
Glama

mcp_server_audit

Statically scan an MCP server Python file to identify security risks such as shell execution, filesystem writes, and code injection. Returns a structured audit report without running the code.

Instructions

Statically audit an MCP server Python source file.

Enumerates tools registered with FastMCP-style @*.tool() decorators (and imperative mcp.tool()(fn) calls) and reports risk findings per tool: shell execution, filesystem writes, network egress, code injection, over-broad parameter types, and ambiguous/short descriptions.

Args: path: Absolute path to a Python file defining an MCP server. max_bytes: Reject files larger than this (default 5 MB). Prevents DoS via huge input. Pass a larger value if you need to audit a big monolith, but consider splitting it first.

Returns: Structured audit report (see AuditReport schema). Does NOT execute the target file. Includes a coverage block and limitations list — absence of finding is NOT proof of safety.

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
pathYes
max_bytesNo
Behavior5/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

The description explicitly states it performs static analysis ('Does NOT execute the target file'), enumerates risk categories (shell execution, filesystem writes, etc.), and warns that absence of findings is not proof of safety. This exceeds what annotations would provide (none exist).

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness4/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is concise and front-loaded with the core action. The prose is clear and avoids redundancy, though it could be slightly more terse by removing parenthetical clarifications.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness5/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the simplicity (2 parameters, no output schema, no annotations), the description is complete: it covers parameters, behavior, return structure (coverage/limitations), and key constraints. No critical information is omitted.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters5/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

With 0% schema description coverage, the description fully compensates: it explains 'path' as an absolute path to a Python file and 'max_bytes' as a DoS protection mechanism with default value and advice for large files.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's purpose: 'Statically audit an MCP server Python source file.' It specifies the exact resource and action, and distinguishes from siblings (e.g., agent_tool_risk_audit) by focusing on FastMCP-style decorators and risk findings.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

No explicit when-to-use or when-not-to-use guidance is provided. The description does not mention sibling tools or alternative scenarios, leaving the agent to infer usage solely from the purpose.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/actions-marketplace-validations/x0base_mcp-security-toolkit'

If you have feedback or need assistance with the MCP directory API, please join our Discord server