mcplint-rules 0.1.2

Built-in security rules for mcplint
Documentation
  • Coverage
  • 55%
    11 out of 20 items documented0 out of 10 items with examples
  • Size
  • Source code size: 190.22 kB This is the summed size of all the files inside the crates.io package for this release.
  • Documentation size: 6.97 MB This is the summed size of all files generated by rustdoc for all configured targets
  • Ø build duration
  • this release: 1m 36s Average build duration of successful builds.
  • all releases: 1m 9s Average build duration of successful builds in releases after 2024-10-23.
  • Links
  • Repository
  • crates.io
  • Dependencies
  • Versions
  • Owners
  • lalitb

mcplint-rules

Security rules engine for mcplint, a static security analyzer for MCP (Model Context Protocol) configurations.

Rules

Rule Description
MG001 Unbounded string parameters flowing to dangerous sinks
MG002 Tool descriptions that understate actual capabilities
MG003 Cross-tool/cross-server escalation chains
MG004 Filesystem access without path confinement
MG005 Missing or weak authentication
MG006 Internal metadata leakage in descriptions
MG007 Overly broad tool parameter scopes
MG008 Insecure transport (HTTP/WS without TLS)
MG009 Sensitive environment variables passed to servers

Usage

use mcplint_rules::default_registry;

let registry = default_registry();

default_registry() returns a RuleRegistry with all built-in rules pre-registered.

License

Apache-2.0