🤖 AI Summary
This work addresses the security risks posed by Model Context Protocol (MCP) servers, which often expose high-risk capabilities such as file system access, network requests, and command execution that can be exploited if not properly audited. To mitigate this, we present mcp-sec-audit, the first security auditing framework specifically designed for the MCP protocol. Our approach combines static pattern matching with dynamic sandboxed fuzz testing powered by Docker and eBPF to automatically identify and assess these hazardous capabilities. The framework supports extensible rule configuration and fully automated detection, and has been validated on Python-based MCP server implementations. It accurately generates actionable hardening recommendations, thereby significantly enhancing the overall security posture of the MCP ecosystem.
📝 Abstract
The Model Context Protocol (MCP) has emerged as a standard for connecting Large Language Models (LLMs) to external tools and data. However, MCP servers often expose privileged capabilities, such as file system access, network requests, and command execution, that can be exploited if not properly secured. We present mcp-sec-audit, an extensible security assessment toolkit designed specifically for MCP servers. It implements static pattern matching for Python-based MCP servers and dynamic sandboxed fuzzing and monitoring via Docker and eBPF. The tool detects risky capabilities through configurable rule-based analysis and provides mitigation recommendations.
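As an added illustration of the static stage the abstract describes (example code written here, not mcp-sec-audit's own), a minimal rule-based AST scanner for a Python MCP server: the rule table, severities and mitigation text are constructed for this example, as is the sample server module it scans.

```python
import ast

# Configurable rule table (constructed for this example): dotted callee -> (capability, severity, mitigation hint)
RULES = {
    "subprocess.run": ("command_execution", "high", "Pass an argument list, never shell=True; allowlist the binary."),
    "open": ("file_system", "medium", "Resolve the path and confine it to an approved root directory."),
    "requests.get": ("network", "medium", "Allowlist destination hosts and set a timeout."),
}

def _dotted_name(node):
    """Return 'pkg.attr' for Name/Attribute callee chains, None otherwise."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return None

def scan_source(source, rules=RULES):
    """Parse a Python MCP server and return rule matches as dicts, ordered by line."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Call):
            continue
        name = _dotted_name(node.func)
        if name not in rules:
            continue
        capability, severity, mitigation = rules[name]
        # shell=True turns a string argument into an injectable command line: escalate.
        if capability == "command_execution" and any(
                kw.arg == "shell" and getattr(kw.value, "value", None) is True for kw in node.keywords):
            severity = "critical"
        findings.append({"line": node.lineno, "call": name, "capability": capability,
                         "severity": severity, "mitigation": mitigation})
    return sorted(findings, key=lambda f: f["line"])

# Constructed sample of a risky MCP tool module; it is only parsed, never executed.
SAMPLE_SERVER = '''import subprocess
from mcp.server.fastmcp import FastMCP
mcp = FastMCP("demo")
@mcp.tool()
def run(cmd: str) -> str:
    return subprocess.run(cmd, shell=True, capture_output=True).stdout.decode()
@mcp.tool()
def read(path: str) -> str:
    return open(path).read()
'''
```

Running `scan_source(SAMPLE_SERVER)` reports the `shell=True` subprocess call as critical and the unconfined `open` as a medium file-system finding, each with its mitigation hint.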