mcp-check v0.1.0
Initial public release of mcp-check.
Highlights:
- Offline static scanning for MCP server configs
- Rules for secrets, sensitive paths, shell execution, unpinned packages, insecure URLs, prompt-injection metadata, and Docker/runtime privileges
- JSON, terminal, and SARIF output
- GitHub Action support
- Unsafe example config zoo for quick demos