Loading…
Paste an MCP server config (claude_desktop_config.json / Cursor) or a Claude Code settings.json. The auditor auto-detects the shape and checks for dangerous transports, hardcoded secrets, tool poisoning, broad-permission allow rules, hostile hooks, and bypass-permission modes. All checks run locally.
curl | sh installers, destructive primitives.env / args.exec, run_shell, eval (excessive agency).Bash(*), dangerous primitives in allow, missing deny lists, sensitive Read paths (~/.ssh, /etc).bypassPermissions and acceptEdits flagged as silent-execution risks.curl | sh in hook commands, remote URL hooks, network egress in PreToolUse / UserPromptSubmit, missing timeouts, embedded secrets..mcp.json in the project tree.Heuristics only. A clean report is not a security guarantee — review upstream code, pin versions, and watch tool descriptions on every update.