MCP Shield
Version updated for https://github.com/thuggeelya/mcp-shield-action to version v1.
Action Type
This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
Action Summary
The MCP Shield Action is a GitHub Action designed to scan MCP servers for security vulnerabilities, compliance issues, and risk factors using the mcp-shield-cli tool. It automates comprehensive checks to ensure secure and compliant server configurations, providing detailed reports, severity-based CI failure options, pull request comments, and integration with GitHub Code Scanning (SARIF). This action simplifies security auditing and compliance enforcement within CI/CD workflows, helping teams identify and address potential risks efficiently.
Release notes
Security scanner for MCP servers.
Features
- Compliance, injection detection, and risk scoring
- PR comment with findings and CWE references
- SARIF 2.1.0 output for GitHub Code Scanning
- Badge generation
See README for usage.