audit-mcp
Installation
SKILL.md
Audit MCP Command
Audit MCP server configurations for quality, compliance, and security.
Step 0: Initialize Audit Environment
Get the current UTC date, capture the project root path, ensure the temp directory exists, and clean up any stale audit files if the user confirms. Invoke the claude-ecosystem:mcp-integration skill to load authoritative MCP configuration guidance.
What Gets Audited
This command audits MCP server configurations from multiple sources:
- Project scope:
.mcp.jsonin project root (version-controlled, team-shared) - User (Global) scope:
~/.claude.jsonwith root-levelmcpServerskey - Local scope:
.claude/settings.local.jsonwithmcpServerskey if present - Plugin scope:
.mcp.jsonfiles within plugin directories - Enterprise scope:
managed-mcp.jsonin system directories
For each configuration, validate JSON structure, server fields, transport types, authentication, environment variable usage, and security (no exposed credentials).