Source-backed facts for citing this resource, derived directly from the registry — also available as plain text for AI assistants.
- Source URLs
- https://modelcontextprotocol.io/docs/tutorials/security/security_best_practices, https://github.com/JSONbored/awesome-claude/blob/main/content/skills/mcp-server-authoring-security-capability-pack.mdx
- Package URL
- /downloads/skills/mcp-server-authoring-security-capability-pack.zip
- Package SHA256
- 88cfe7f7cbd688806926439fcef04929c691deaaa01909a87d5658bbeb8c28bb
- Safety notes
- Use the skill as a review and implementation checklist; do not deploy MCP auth, credential flow, or permission changes without human review., Validate tool schemas, authorization decisions, and logging behavior with tests before exposing an MCP server to real users or external clients., Treat generated threat models as incomplete until checked against current MCP security and authorization docs.
- Privacy notes
- Tool inventories, auth flows, logs, incident examples, prompts, and server code shared with this skill may enter model context., Redact access credentials, client secrets, user records, tenant identifiers, and production request bodies before using them as examples.
- Platform compatibility
- claude-code (native-skill), codex (native-skill), windsurf (native-skill), gemini (native-skill), cursor (adapter), cli (manual-context)
- Author
- JSONbored
- Claim status
- unclaimed
- Last verified
- 2026-04-10