Home
Softono
MCP-Checklists

MCP-Checklists

Open source JavaScript
Website GitHub
194
Stars
18
Forks
0
Issues
4
Watchers
7 months
Last Commit
AI Agents Vulnerability Scanning

About MCP-Checklists

MCP-Checklists is a curated repository of security resources designed to help organizations and developers adopt AI agents and Model Context Protocol (MCP) servers safely without slowing down innovation. Created by the team behind MCP Manager, this collection offers practical checklists, indexes, lessons learned, and utilities focused on securing MCP deployments. Key content areas include deployment infrastructure strategies such as containerizing local servers with Docker for file access control and managing remote STDIO connections. The repository details authentication and authorization best practices, specifically addressing OAuth troubleshooting and identity management. It also provides comprehensive guides on logging, auditing, and observability to ensure system visibility. A major focus is placed on security threat mitigation, offering methods to detect and prevent shadow MCP usage, a catalog of known cybersecurity threats with mitigations, an index of reported vulnerabilities, and processes for evalua

Platforms

Web Self-hosted

Languages

JavaScript

Links

Website Source Code
m
Published by
mcp-manager
Visit View Profile

README.md

View on GitHub

MCP-Checklists

We're a team of security and AI enthusiasts building MCP Manager, a comprehensive MCP security solution for businesses of all sizes.

In this repository we will publish a range of checklists, indexes, lessons learned and helpful utilities to help you adopt and use AI agents and MCP servers securely - without losing pace in the AI race.

⭐Star this repo to stay up to date and avoid missing that guide you know you'll need in the future!

We welcome contributions and suggestions - here's the instructions for contributing.

📚 Table of Contents

🔌 MCP Deployment Infrastructure

🐳 Using Docker to Run Local MCP Servers Securely

TLDR: How to Run MCP Servers Securely

Installing and running MCP servers locally is equivalent to installing and running any other software on your computer. Locally running MCP servers have unlimited access to all your files, creating risks of data exfiltration, token theft, virus infection and propagation, or data encryption attacks (Ransomware).

Docker is a containerization solution that is free, open source, and widely supported across all major operating systems.

Why You Should Use Docker to Containerize Local MCP Servers

Running MCP servers inside Docker containers allows you to run them in a sandboxed environment that you have complete control over. You decide which files and folders to expose to the container, can define rules for HTTP and WebSocket traffic, and selectively expose environment variables instead of unintentionally leaking secrets.

Using Docker to containerize your MCP servers reduces security risks and gives you more control over what data and capabilities the server has access to. It's not a complete bulletproof solution, however, because if you're not careful, you can still give Docker containers running locally unfettered access to your VPN / private networks.

Guide and Docker Files

We understand that learning complex technologies like Docker can be intimidating, but we've made our best effort to provide you with examples, documentation, and helpful scripts to get you started running MCPs securely.

Use How to Run Local MCP Servers Securely to learn about our helpful scripts and Dockerfiles that will get you started running local MCP Servers securely in no time.

🔐 Authentication and Authorization

Checklists

📝 Logging, Auditing, and Observability

Checklists

🛡️ Threats and Mitigation

Checklists

Index Lists

🤖 AI Agent Building and Security

Checklists/Guides