MCP Servers

A collection of Model Context Protocol servers, templates, tools and more.

M
MCP Security
by @FinkTech
GitHub Repo(3 stars)

MCP server by FinkTech

Created 1/25/2026
Updated about 1 month ago
README
View Source
Repository documentation and setup instructions

🔒 MCP Security

License: MIT Version Documentation Security PRs Welcome

Comprehensive security guidelines for Model Context Protocol (MCP) servers with compliance mapping (SOC2, HIPAA, PCI DSS).

📚 Quick Navigation

| What | Where | |------|-------| | 📋 Complete index | docs/INDEX.md | | 🇬🇧 English docs | docs/en/ | | 🇪🇸 Documentación español | docs/es/ | | 💻 Code examples | examples/ | | 📄 PDFs | Auto-generated (GitHub Actions) or local: scripts/generate-pdfs.sh | | 🤝 Contributing | CONTRIBUTING.md | | 🔒 Security policy | SECURITY.md |

✨ Features

  • 12 Security Rules (SEC-001 to SEC-012): Each with vulnerable vs secure examples
  • OWASP/CWE Mapping + Compliance (SOC2, HIPAA, PCI DSS)
  • Multi-language examples: Go, Node.js, Python
  • Bilingual documentation: English + Spanish
  • Auto-generated PDFs: Available in docs/pdf/en/ and docs/pdf/es/

📂 Repository Structure

mcp-security/
├── docs/
│   ├── INDEX.md              # Complete index
│   ├── en/                   # English documentation
│   │   ├── README.md
│   │   ├── START-HERE.md
│   │   ├── SECURITY.md
│   │   └── sec-rules/        # SEC-001 to SEC-012
│   ├── es/                   # Spanish documentation
│   │   ├── README.md
│   │   ├── START-HERE.md
│   │   ├── SECURITY.md
│   │   └── sec-rules/        # SEC-001 a SEC-012
│   └── pdf/                  # Auto-generated PDFs
│       ├── en/
│       └── es/
├── examples/                 # Code examples by language
│   ├── go/
│   ├── nodejs/
│   └── python/
├── scripts/
│   └── generate-pdfs.sh      # PDF generation script
├── .github/
│   ├── workflows/            # CI/CD automation
│   ├── ISSUE_TEMPLATE/
│   └── PULL_REQUEST_TEMPLATE.md
├── CONTRIBUTING.md
├── SECURITY.md
├── LICENSE
└── README.md                 # This file

🎯 Use Cases

For Developers

  • Apply security rules to your MCP servers
  • Use code examples as reference
  • Integrate compliance requirements

For Security Teams

  • Audit MCP implementations
  • Map controls to frameworks (SOC2, HIPAA, PCI DSS)
  • Use PDFs for documentation

For Organizations

  • Establish security baselines
  • Train development teams
  • Maintain compliance

🌍 Available Languages

📄 PDF Generation

PDFs are automatically generated on push via GitHub Actions.

Manual generation:

./scripts/generate-pdfs.sh

PDFs will be created in:

  • docs/pdf/en/ (English)
  • docs/pdf/es/ (Spanish)

🤝 Contributing

We welcome contributions! See CONTRIBUTING.md for:

  • How to propose new rules
  • Documentation guidelines
  • Code examples standards
  • Translation workflow

🔒 Security

Found a vulnerability? Please report responsibly.

See SECURITY.md for:

  • How to report security issues
  • Response time expectations
  • Disclosure process

📜 License

MIT License - see LICENSE for details.

💬 Support

🙏 Acknowledgments

Special thanks to all contributors and security researchers who help improve MCP security.

Start here: docs/INDEX.md → Choose a rule → Apply it to your code 🚀

Quick Setup
Installation guide for this server

Installation Command (package not published)

git clone https://github.com/FinkTech/mcp-security
Manual Installation: Please check the README for detailed setup instructions and any additional dependencies required.

Cursor configuration (mcp.json)

{ "mcpServers": { "finktech-mcp-security": { "command": "git", "args": [ "clone", "https://github.com/FinkTech/mcp-security" ] } } }