mcp-security
Use when securing MCP servers, preventing prompt injection, implementing authorization, validating user input, or building secure multi-agent pipelines. Provides 5-layer defense architecture patterns.
Best use case
mcp-security is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Use when securing MCP servers, preventing prompt injection, implementing authorization, validating user input, or building secure multi-agent pipelines. Provides 5-layer defense architecture patterns.
Teams using mcp-security should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/mcp-security/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How mcp-security Compares
| Feature / Agent | mcp-security | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Use when securing MCP servers, preventing prompt injection, implementing authorization, validating user input, or building secure multi-agent pipelines. Provides 5-layer defense architecture patterns.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# MCP Security Skill
This skill enforces security best practices for MCP servers and multi-agent pipelines.
## 5-Layer Defense Architecture
1. **Input Validation** - Sanitize all user inputs
2. **Prompt Injection Prevention** - Detect and block injection attempts
3. **SQL/NoSQL Validation** - Prevent query injection
4. **User Context Propagation** - Maintain identity through pipeline
5. **Authorization (RBAC/ABAC)** - Enforce access controls
## Prompt Injection Prevention
```python
# Always validate and sanitize inputs
def sanitize_input(user_input: str) -> str:
# Remove potential injection patterns
# Escape special characters
# Limit length
pass
# Never directly concatenate user input into prompts
# ❌ Bad
prompt = f"Process this: {user_input}"
# ✅ Good
prompt = sanitize_input(user_input)
validated_prompt = validate_against_schema(prompt)
```
## User Context Propagation
```python
@dataclass
class UserContext:
user_id: str
roles: list[str]
permissions: list[str]
tenant_id: str
# Pass context through all pipeline stages
async def process_request(context: UserContext, request: Request):
# Validate permissions at each step
if not has_permission(context, "read:data"):
raise AuthorizationError()
```
## Authorization Patterns
### RBAC (Role-Based Access Control)
```python
ROLE_PERMISSIONS = {
"admin": ["read", "write", "delete", "admin"],
"editor": ["read", "write"],
"viewer": ["read"],
}
```
### ABAC (Attribute-Based Access Control)
```python
def can_access(user: User, resource: Resource) -> bool:
return (
user.department == resource.department
and user.clearance >= resource.sensitivity
)
```
## Security Checklist
- [ ] All user inputs validated and sanitized
- [ ] Prompt injection patterns detected
- [ ] SQL queries parameterized
- [ ] User context propagated through pipeline
- [ ] Authorization checked at each step
- [ ] Sensitive data encrypted
- [ ] Audit logging enabledRelated Skills
rag-cag-security
Security patterns for RAG and CAG systems with multi-tenant isolation. Use when building retrieval-augmented or cache-augmented generation systems that require tenant isolation, access control, and secure data handling.
zod
Zod schema validation patterns and type inference. Auto-loads when validating schemas, parsing data, validating forms, checking types at runtime, or using z.object/z.string/z.infer in TypeScript.
typescript-import-style
Merge-friendly import formatting (one-per-line, alphabetical). Auto-loads when writing TypeScript/JavaScript imports to minimize merge conflicts in parallel development. Enforces consistent grouping and sorting.
setup-mcp-auth
Configure authentication for an existing FastMCP server
fastmcp
FastMCP TypeScript framework patterns for MCP servers. Auto-loads when building MCP servers, creating tools/resources/prompts, implementing authentication, configuring transports, or working with FastMCP in TypeScript.
add-mcp-tool
Add a new tool to an existing FastMCP server with guided configuration
add-mcp-resource
Add a new resource or resource template to an existing FastMCP server
plan-with-team
Validate plan file ownership
privacy-compliance
GDPR, CCPA, and privacy compliance guidance for data protection. Use when handling personal data, implementing consent management, or ensuring regulatory compliance across jurisdictions.
oauth
OAuth 2.0 and OpenID Connect implementation patterns. Use when implementing authentication, authorization flows, or integrating with OAuth providers like Google, GitHub, or custom identity providers.
chunking-strategies
Document chunking strategies for RAG systems. Use when implementing document processing pipelines to determine optimal chunking approaches based on document type and retrieval requirements.
review-django-commands
Review Django management commands for proper structure and refactor if needed