mirror of
https://github.com/github/awesome-copilot.git
synced 2026-07-14 01:51:02 +00:00
Rename mcp-security-baseline -> mcp-implementation-security-review and sharpen description (#2257)
Renames the skill so its name makes the source-code-review scope explicit and distinct from the existing config-focused `mcp-security-audit` skill (the duplicate-detection check flagged the shared `mcp-security-` prefix; it is advisory only). Also sharpens the description's first line to lead with "implementation source code of MCP servers, clients, and tool handlers". - Rename folder skills/mcp-security-baseline -> skills/mcp-implementation-security-review - Update name field and H1 heading to match - Regenerate docs/README.skills.md Co-authored-by: Swetha Kumar <16600902+Swethakumar1@users.noreply.github.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This commit is contained in:
+3
-3
@@ -1,7 +1,7 @@
|
||||
---
|
||||
name: mcp-security-baseline
|
||||
name: mcp-implementation-security-review
|
||||
description: |
|
||||
Review MCP (Model Context Protocol) server and client source code against a security baseline — authentication, sessions, rate limiting, input-schema validation, official-SDK usage, RCE vectors, and the OWASP MCP Top 10 — producing a report with file/line evidence. Use this skill when:
|
||||
Review the implementation source code of MCP (Model Context Protocol) servers, clients, and tool handlers against a security baseline — authentication, sessions, rate limiting, input-schema validation, official-SDK usage, RCE vectors, and the OWASP MCP Top 10 — producing a report with file/line evidence. Use this skill when:
|
||||
- Reviewing an MCP server implementation for security before release
|
||||
- Checking a server against the baseline controls (MCP-01 to MCP-05) and the OWASP MCP Top 10
|
||||
- Auditing tools for RCE vectors (command/code injection, unsafe deserialization, path traversal, SSTI, dependency hijacking, SSRF)
|
||||
@@ -10,7 +10,7 @@ description: |
|
||||
- Requests like "review this MCP server for security" or "is my MCP server implementation secure?"
|
||||
---
|
||||
|
||||
# MCP Security Baseline Review
|
||||
# MCP Implementation Security Review
|
||||
|
||||
## Process
|
||||
|
||||
Reference in New Issue
Block a user