← Back to Skills Marketplace
fasjdas

MCP Sentinel

by fasjdas · GitHub ↗ · v0.1.0 · MIT-0
cross-platform ✓ Security Clean
41
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install mcp-sentinel
Description
Audits MCP and AI agent config files for risky commands, broad filesystem access, inline secrets, and prompt-injection risks, reporting findings by severity.
README (SKILL.md)

MCP Sentinel

Use this skill when the user wants to audit MCP server, Cursor, Claude Desktop, Zed, VS Code, or AI agent configuration files for risky command execution, broad filesystem access, inline secrets, or prompt-injection language.

What This Skill Does

MCP Sentinel is an open-source TypeScript CLI:

https://github.com/fasjdas/mcp-sentinel

It scans common MCP and AI agent config files and reports:

  • Interactive shell launchers such as bash, cmd, PowerShell, or sh.
  • Package runner startup commands such as npx, pnpm, yarn, bun, and uvx.
  • Broad filesystem access such as root directories, full Windows drives, parent-directory traversal, or unrestricted workspace flags.
  • Secret-looking environment keys and inline secret-looking values.
  • Destructive startup arguments and pipe-to-shell installers.
  • Suspicious prompt-injection or exfiltration language in config text.

Install Or Run

If the project does not already include MCP Sentinel, clone and build it:

git clone https://github.com/fasjdas/mcp-sentinel
cd mcp-sentinel
npm install
npm run build

Run an audit:

node dist/cli.js audit /path/to/project

Emit JSON:

node dist/cli.js audit /path/to/project --json

Emit GitHub Actions annotations and fail on high severity:

node dist/cli.js audit /path/to/project --github-annotations --fail-on high

Agent Workflow

  1. Identify the project root the user wants scanned.
  2. Run MCP Sentinel against that root.
  3. Summarize findings by severity first.
  4. Explain each finding in practical terms: what access it grants, why it is risky, and what a safer config would look like.
  5. Avoid exposing full secret values in chat. Refer to secret keys by name only.
  6. If the user asks for a fix, scope MCP server paths to the narrowest useful directory, remove shell wrappers where possible, and replace inline secrets with environment references.

Supported Config Locations

  • .mcp.json
  • mcp.json
  • mcp.config.json
  • .cursor/mcp.json
  • .vscode/mcp.json
  • claude_desktop_config.json
  • claude_desktop_config.local.json
  • .zed/settings.json

Notes

MCP Sentinel is a static scanner. It provides best-effort risk signals, not a complete security review. Treat findings as prompts for human review and remediation.

Usage Guidance
Reasonable to install as a skill. Before using it, review the referenced MCP Sentinel CLI and npm dependencies as third-party code, and run scans only on project roots you intend to inspect because configuration files may contain secret-looking values.
Capability Assessment
Purpose & Capability
The stated purpose is auditing MCP and AI-agent configuration files for risky commands, broad filesystem access, inline secrets, and prompt-injection text; the listed capabilities match that purpose.
Instruction Scope
The workflow is user-directed: identify the project root, run the scanner, summarize findings, avoid exposing full secret values, and only make fixes if the user asks.
Install Mechanism
The skill instructs users to clone and build a third-party GitHub TypeScript CLI with npm. This is disclosed and purpose-aligned, but the upstream repository and dependencies should be treated as separate software to review before running.
Credentials
Reading common MCP, editor, and agent configuration files is proportionate to the audit purpose, and the skill names specific supported config locations.
Persistence & Privilege
No persistence, background execution, privilege escalation, credential storage, automatic mutation, or destructive behavior is present in the skill artifact.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install mcp-sentinel
  3. After installation, invoke the skill by name or use /mcp-sentinel
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.0
Initial public release of the MCP Sentinel skill wrapper for auditing MCP and AI agent configuration risk.
Metadata
Slug mcp-sentinel
Version 0.1.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is MCP Sentinel?

Audits MCP and AI agent config files for risky commands, broad filesystem access, inline secrets, and prompt-injection risks, reporting findings by severity. It is an AI Agent Skill for Claude Code / OpenClaw, with 41 downloads so far.

How do I install MCP Sentinel?

Run "/install mcp-sentinel" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is MCP Sentinel free?

Yes, MCP Sentinel is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does MCP Sentinel support?

MCP Sentinel is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created MCP Sentinel?

It is built and maintained by fasjdas (@fasjdas); the current version is v0.1.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments