Diff MCP configs for risky permission and credential-surface changes.
mcp-permission-diff
mcp-permission-diff compares two MCP JSON configs and reports the permission-shaped changes a reviewer should notice before merging.
It checks for new servers, executable changes, added environment variables, sensitive headers, private or local URLs, broad working directories, and high-risk process flags such as --inherit-home or --allow-private-hosts.
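The kind of config-level comparison described above, as an added sketch; it is not mcp-permission-diff's own code. It assumes the common `mcpServers` layout with `command`, `args`, `env`, `url`, `headers` and `cwd` keys, and the sensitive-header and broad-directory lists are illustrative assumptions.

```python
import ipaddress
from urllib.parse import urlparse

RISKY_FLAGS = {"--inherit-home", "--allow-private-hosts"}  # flags named on the page
SENSITIVE_HEADERS = {"authorization", "cookie", "x-api-key"}  # assumed list
BROAD_DIRS = {"/", "~", "$HOME", "/home", "/Users"}  # assumed meaning of "broad"

def is_private_url(url):
    """True for localhost, loopback, private-range and link-local hosts."""
    host = urlparse(url).hostname or ""
    try:
        ip = ipaddress.ip_address("127.0.0.1" if host == "localhost" else host)
    except ValueError:
        return False  # DNS name: this sketch stays offline and does not resolve it
    return ip.is_private or ip.is_loopback or ip.is_link_local

def diff_configs(old, new):
    """Return (server, finding) pairs for permission-shaped changes in `new`."""
    findings = []
    old_servers = old.get("mcpServers", {})
    for name, srv in new.get("mcpServers", {}).items():
        prev = old_servers.get(name, {})
        if name not in old_servers:
            findings.append((name, "new server"))
        elif srv.get("command") != prev.get("command"):
            findings.append((name, "executable changed"))
        for var in sorted(set(srv.get("env", {})) - set(prev.get("env", {}))):
            findings.append((name, f"env var added: {var}"))  # name only, value withheld
        old_hdrs = {h.lower() for h in prev.get("headers", {})}
        for hdr in srv.get("headers", {}):
            if hdr.lower() in SENSITIVE_HEADERS and hdr.lower() not in old_hdrs:
                findings.append((name, f"sensitive header added: {hdr}"))
        if srv.get("url") != prev.get("url") and is_private_url(srv.get("url", "")):
            findings.append((name, "private or local URL"))
        cwd = srv.get("cwd")
        if cwd in BROAD_DIRS and cwd != prev.get("cwd"):
            findings.append((name, f"broad working directory: {cwd}"))
        added_args = set(srv.get("args", [])) - set(prev.get("args", []))
        for flag in sorted(RISKY_FLAGS & added_args):
            findings.append((name, f"risky flag added: {flag}"))
    return findings

OLD = {"mcpServers": {"files": {"command": "node", "args": ["fs.js"]}}}  # constructed samples
NEW = {"mcpServers": {
    "files": {"command": "npx", "args": ["fs.js", "--inherit-home"],
              "env": {"API_TOKEN": "${TOKEN}"}, "cwd": "/"},
    "intranet": {"url": "http://10.0.0.5/mcp", "headers": {"Authorization": "Bearer ${T}"}}}}

if __name__ == "__main__":
    print(*(f"{s}: {f}" for s, f in diff_configs(OLD, NEW)), sep="\n")
```

Passing `{}` as the old config reports every server in the new one as added, which mirrors the from-scratch review mode.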
Install
python -m pip install .
Use
mcp-permission-diff old-mcp.json new-mcp.json
mcp-permission-diff old-mcp.json new-mcp.json --json
mcp-permission-diff old-mcp.json new-mcp.json --fail-on medium
Use /dev/null as the old config to review a new config from scratch:
mcp-permission-diff /dev/null mcp.json
What it does not do
This is a review helper. It does not prove an MCP server is safe, execute the server, or inspect package source code. It only explains the config-level blast radius in plain text.
Privacy and safety
The tool runs locally. It does not make network calls. Secret-looking values and environment references are redacted in rendered output.