mcp-security

Use when securing MCP servers, preventing prompt injection, implementing authorization, validating user input, or building secure multi-agent pipelines. Provides 5-layer defense architecture patterns.

9 stars

Best use case

mcp-security is best used when you need a repeatable AI agent workflow instead of a one-off prompt.

Use when securing MCP servers, preventing prompt injection, implementing authorization, validating user input, or building secure multi-agent pipelines. Provides 5-layer defense architecture patterns.

Teams using mcp-security should expect a more consistent output, faster repeated execution, less prompt rewriting.

When to use this skill

  • You want a reusable workflow that can be run more than once with consistent structure.

When not to use this skill

  • You only need a quick one-off answer and do not need a reusable workflow.
  • You cannot install or maintain the underlying files, dependencies, or repository context.

Installation

Claude Code / Cursor / Codex

$curl -o ~/.claude/skills/mcp-security/SKILL.md --create-dirs "https://raw.githubusercontent.com/jpoutrin/product-forge/main/plugins/security-compliance/skills/mcp-security/SKILL.md"

Manual Installation

  1. Download SKILL.md from GitHub
  2. Place it in .claude/skills/mcp-security/SKILL.md inside your project
  3. Restart your AI agent — it will auto-discover the skill

How mcp-security Compares

Feature / Agentmcp-securityStandard Approach
Platform SupportNot specifiedLimited / Varies
Context Awareness High Baseline
Installation ComplexityUnknownN/A

Frequently Asked Questions

What does this skill do?

Use when securing MCP servers, preventing prompt injection, implementing authorization, validating user input, or building secure multi-agent pipelines. Provides 5-layer defense architecture patterns.

Where can I find the source code?

You can find the source code on GitHub using the link provided at the top of the page.

SKILL.md Source

# MCP Security Skill

This skill enforces security best practices for MCP servers and multi-agent pipelines.

## 5-Layer Defense Architecture

1. **Input Validation** - Sanitize all user inputs
2. **Prompt Injection Prevention** - Detect and block injection attempts
3. **SQL/NoSQL Validation** - Prevent query injection
4. **User Context Propagation** - Maintain identity through pipeline
5. **Authorization (RBAC/ABAC)** - Enforce access controls

## Prompt Injection Prevention

```python
# Always validate and sanitize inputs
def sanitize_input(user_input: str) -> str:
    # Remove potential injection patterns
    # Escape special characters
    # Limit length
    pass

# Never directly concatenate user input into prompts
# ❌ Bad
prompt = f"Process this: {user_input}"

# ✅ Good
prompt = sanitize_input(user_input)
validated_prompt = validate_against_schema(prompt)
```

## User Context Propagation

```python
@dataclass
class UserContext:
    user_id: str
    roles: list[str]
    permissions: list[str]
    tenant_id: str

# Pass context through all pipeline stages
async def process_request(context: UserContext, request: Request):
    # Validate permissions at each step
    if not has_permission(context, "read:data"):
        raise AuthorizationError()
```

## Authorization Patterns

### RBAC (Role-Based Access Control)
```python
ROLE_PERMISSIONS = {
    "admin": ["read", "write", "delete", "admin"],
    "editor": ["read", "write"],
    "viewer": ["read"],
}
```

### ABAC (Attribute-Based Access Control)
```python
def can_access(user: User, resource: Resource) -> bool:
    return (
        user.department == resource.department
        and user.clearance >= resource.sensitivity
    )
```

## Security Checklist

- [ ] All user inputs validated and sanitized
- [ ] Prompt injection patterns detected
- [ ] SQL queries parameterized
- [ ] User context propagated through pipeline
- [ ] Authorization checked at each step
- [ ] Sensitive data encrypted
- [ ] Audit logging enabled

Related Skills

rag-cag-security

9
from jpoutrin/product-forge

Security patterns for RAG and CAG systems with multi-tenant isolation. Use when building retrieval-augmented or cache-augmented generation systems that require tenant isolation, access control, and secure data handling.

zod

9
from jpoutrin/product-forge

Zod schema validation patterns and type inference. Auto-loads when validating schemas, parsing data, validating forms, checking types at runtime, or using z.object/z.string/z.infer in TypeScript.

typescript-import-style

9
from jpoutrin/product-forge

Merge-friendly import formatting (one-per-line, alphabetical). Auto-loads when writing TypeScript/JavaScript imports to minimize merge conflicts in parallel development. Enforces consistent grouping and sorting.

setup-mcp-auth

9
from jpoutrin/product-forge

Configure authentication for an existing FastMCP server

fastmcp

9
from jpoutrin/product-forge

FastMCP TypeScript framework patterns for MCP servers. Auto-loads when building MCP servers, creating tools/resources/prompts, implementing authentication, configuring transports, or working with FastMCP in TypeScript.

add-mcp-tool

9
from jpoutrin/product-forge

Add a new tool to an existing FastMCP server with guided configuration

add-mcp-resource

9
from jpoutrin/product-forge

Add a new resource or resource template to an existing FastMCP server

plan-with-team

9
from jpoutrin/product-forge

Validate plan file ownership

privacy-compliance

9
from jpoutrin/product-forge

GDPR, CCPA, and privacy compliance guidance for data protection. Use when handling personal data, implementing consent management, or ensuring regulatory compliance across jurisdictions.

oauth

9
from jpoutrin/product-forge

OAuth 2.0 and OpenID Connect implementation patterns. Use when implementing authentication, authorization flows, or integrating with OAuth providers like Google, GitHub, or custom identity providers.

chunking-strategies

9
from jpoutrin/product-forge

Document chunking strategies for RAG systems. Use when implementing document processing pipelines to determine optimal chunking approaches based on document type and retrieval requirements.

review-django-commands

9
from jpoutrin/product-forge

Review Django management commands for proper structure and refactor if needed