A proposed security evaluation framework for MCP (Model Context Protocol) servers, targeting developers building or consuming MCP servers and security practitioners. The framework covers three areas: configuration risks (credentials passed via query strings or stored in plaintext environment variable config files), implementation risks (insecure coding practices like command injection via unsanitized inputs in shell commands), and asset risks (insecure third-party library dependencies and license incompatibilities). Concrete code examples illustrate each vulnerability class.
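The configuration risks named above can be checked mechanically. The following is an added example, not code from the framework or from any MCP project; it assumes a client configuration with a top-level `mcpServers` map whose entries carry `url` and `env` keys, and the name heuristic, the `${NAME}` reference convention and all server names and values are constructed for illustration.

```python
import json
import re
from urllib.parse import urlsplit, parse_qsl

# Names that suggest a credential (heuristic chosen for this example).
SECRET_NAME = re.compile(r"(token|secret|passw|api[_-]?key|auth|credential)", re.I)
# Assumed convention: a value like ${GIT_TOKEN} is a reference resolved at
# launch time, not a literal secret stored in the file.
REFERENCE = re.compile(r"^\$\{[A-Za-z_][A-Za-z0-9_]*\}$")


def audit_mcp_config(config: dict) -> list[tuple[str, str, str]]:
    """Return (server, risk, field) findings; the secret value is never returned."""
    findings = []
    for name, server in config.get("mcpServers", {}).items():
        # Configuration risk 1: credential carried in the URL query string,
        # where it is copied into proxy and access logs.
        url = server.get("url", "")
        for key, value in parse_qsl(urlsplit(url).query, keep_blank_values=True):
            if SECRET_NAME.search(key) and value:
                findings.append((name, "credential-in-query-string", key))
        # Configuration risk 2: literal secret stored in the plaintext env block.
        for key, value in server.get("env", {}).items():
            if SECRET_NAME.search(key) and value and not REFERENCE.match(str(value)):
                findings.append((name, "plaintext-secret-in-env", key))
    return findings


# Constructed sample configuration (hypothetical servers, made-up values).
SAMPLE = json.loads("""
{
  "mcpServers": {
    "remote-search": {"url": "https://mcp.example.test/sse?api_key=EXAMPLE-NOT-REAL&lang=en"},
    "local-db": {"command": "db-mcp", "args": ["--readonly"],
                 "env": {"DB_PASSWORD": "EXAMPLE-NOT-REAL", "LOG_LEVEL": "info"}},
    "local-git": {"command": "git-mcp", "env": {"GIT_TOKEN": "${GIT_TOKEN}"}}
  }
}
""")

if __name__ == "__main__":
    for server, risk, field in audit_mcp_config(SAMPLE):
        print(f"{server}: {risk} ({field})")
```

Findings report only the server and field name, so the audit output can be logged or attached to a ticket without copying the credential again.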