audit_mcp_config
Check MCP server configurations for governance violations including plaintext secrets, unpinned packages, and insecure transports. Get severity findings and a compliance score.
Instructions
Governance lint for MCP server configurations (free, local). Checks: plaintext secrets in env, unpinned packages, auto-install flags, broad filesystem scopes, shell wrappers, non-TLS remote transports, unpinned docker tags. Returns findings with severities and a 0-100 score.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| config | No | The MCP config JSON as an object (e.g. claude_desktop_config.json content). Provide this OR config_json, not both. | |
| config_json | No | The MCP config JSON as a string; it will be parsed. Provide this OR config, not both. |