M
MCP Security
by @FinkTech
MCP server by FinkTech
Created 1/25/2026
Updated 2 days ago
README
Repository documentation and setup instructions
MCP Security Documentation
Comprehensive security rules and best practices for MCP (Model Context Protocol) servers.
📖 Table of Contents
- 📚 What's Included
- 🚀 Quick Start
- 📋 Documentation
- 🔐 Security Rules
- 📂 Directory Structure
- 🤖 Automation
- 📊 Standards
- 📄 Languages
- 📝 License
- 🤝 Contributing
- 🔒 Security Policy
🚀 Quick Start
# Read documentation
cat docs/en/sec-rules/SEC-001.md
# Generate PDFs locally
chmod +x scripts/generate-pdfs.sh
./scripts/generate-pdfs.sh
# Push to GitHub
git init
git add .
git commit -m "docs: add MCP security documentation"
git remote add origin https://github.com/YOUR_USER/mcp-security.git
git branch -M main
git push -u origin main
📋 Documentation
- START-HERE.md - Quick orientation guide
- docs/INDEX.md - Complete rules index
- CONTRIBUTING.md - How to contribute
- SECURITY.md - Security policy
🔐 Security Rules
All 12 rules with vulnerable/secure code examples:
🔴 Critical (4)
- SEC-001: Authentication Bypass
- SEC-002: Command Injection
- SEC-003: SQL Injection
- SEC-006: Insecure Deserialization
🟠 High (5)
- SEC-004: Server-Side Request Forgery
- SEC-005: XML External Entity
- SEC-007: Path Traversal
- SEC-009: Sensitive Data Exposure
- SEC-012: Weak Cryptography
🟡 Medium (3)
- SEC-008: Data Leakage in Responses
- SEC-010: Missing Rate Limiting
- SEC-011: Regular Expression DoS
📂 Directory Structure
mcp-security/
├── docs/
│ ├── INDEX.md
│ ├── en/sec-rules/ (12 English rules)
│ ├── es/sec-rules/ (12 Spanish rules)
│ ├── es/README.es.md (Spanish introduction)
│ └── pdf/ (auto-generated PDFs)
├── scripts/generate-pdfs.sh
├── .github/workflows/pdf-generation.yml
└── LICENSE (MIT)
🤖 Automation
GitHub Actions automatically:
- Generates PDFs from markdown
- Validates markdown syntax
- Runs security checks
- Creates release artifacts
📊 Standards
✅ OWASP Top 10 2021
✅ SOC2 Type II (CC6, CC7)
✅ HIPAA §164.312
✅ PCI DSS v4.0
✅ CWE/MITRE 13 weakness IDs
📄 Languages
- English: Primary documentation (docs/en/)
- Spanish: Full translation (docs/es/)
📝 License
MIT License - Free for commercial and personal use
🤝 Contributing
See CONTRIBUTING.md for guidelines.
🔒 Security Policy
Found a vulnerability? See SECURITY.md
Version: 1.0.0
Status: Production Ready
Last Updated: January 25, 2026
Quick Setup
Installation guide for this server
Installation Command (package not published)
git clone https://github.com/FinkTech/mcp-security
Manual Installation: Please check the README for detailed setup instructions and any additional dependencies required.
Cursor configuration (mcp.json)
{
"mcpServers": {
"finktech-mcp-security": {
"command": "git",
"args": [
"clone",
"https://github.com/FinkTech/mcp-security"
]
}
}
}