rt_check_resource_exposure
Enumerates MCP resources and prompts to flag broad URI patterns, sensitive paths, and social engineering risks.
Instructions
Enumerate all MCP resources and prompts exposed by the server. Flag resources with broad URI patterns (file://, https://), resources exposing sensitive paths, and prompts that could be used for social engineering.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| env | No | Additional environment variables for stdio | |
| url | No | MCP server URL for HTTP/SSE transport (e.g. 'http://localhost:3000/mcp') | |
| args | No | Command arguments for stdio (e.g. ['run', 'server.js']) | |
| command | No | Server command for stdio transport (e.g. 'node', 'bun', 'npx') | |
| headers | No | Custom HTTP headers (e.g. { 'Authorization': 'Bearer token' }) | |
| timeout_ms | No | Connection timeout in milliseconds (default: 30000) |