```python
#!/usr/bin/env python3
"""
mcp_audit.py — quick risk scan of the MCP servers configured for your AI agents.
Third-party MCP servers are unvetted code-execution surface: they run on your
machine, with your environment, the moment your agent starts. This script
discovers MCP server definitions across common agent config locations and flags
risky patterns:
* HIGH pipe-to-shell / remote-fetch install commands
```
```python
#!/usr/bin/env python3
"""
Claude Code PreToolUse hook — block obviously destructive shell commands.
A minimal, dependency-free guardrail you can drop into any Claude Code project.
It inspects every Bash command BEFORE it runs and blocks a small set of
high-blast-radius patterns (recursive root deletes, disk overwrites, fork bombs,
pipe-to-shell installs, force-push to main, etc.).
This is deliberately tiny — a starting point, not a security product. It does
```
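An added example, not the gist's own hook: one way to implement the check this docstring describes. The regexes are constructed for illustration, and it assumes the hook receives the tool call as JSON on stdin (`tool_name`, `tool_input.command`) and that exit status 2 blocks the call.

```python
import json
import re
import sys

SEG = r"[^|;&]*"  # stay inside one command of a pipeline or list
DISK = r"/dev/(?:sd|hd|vd|xvd|nvme|mmcblk|disk)"
# Constructed rules for the pattern classes the docstring names (assumptions).
DENY = [
    ("recursive delete of / or home", re.compile(
        r"\brm\s+(?=(?:-\S+\s+)*(?:-\w*[rR]|--recursive))(?:-\S+\s+)+"
        r"(?:/|~|\$HOME)/?\*?(?=\s|;|$)")),
    ("raw disk overwrite", re.compile(
        rf"\bdd\b{SEG}\bof={DISK}|\bmkfs(?:\.\w+)?\s|>\s*{DISK}")),
    ("fork bomb", re.compile(
        r"(\w+|:)\(\)\s*\{\s*\1\s*\|\s*\1\s*&\s*\}\s*;\s*\1")),
    ("pipe-to-shell install", re.compile(
        r"\b(?:curl|wget)\b[^|;]*\|\s*(?:sudo\s+)?(?:ba|z|da|k)?sh\b")),
    ("force-push to main", re.compile(
        rf"\bgit\s+push\b(?={SEG}\s(?:--force|-f)\b)"
        rf"(?={SEG}\s(?:\S+:)?(?:main|master)(?=\s|$))")),
]

def find_violation(command):
    """Return the label of the first matching rule, or None."""
    for label, pattern in DENY:
        if pattern.search(command):
            return label
    return None

def decide(raw_event):
    """Map one hook event (JSON text) to (exit_status, stderr_message)."""
    try:
        event = json.loads(raw_event)
        tool, args = event.get("tool_name"), event.get("tool_input") or {}
        command = args.get("command", "")
    except (ValueError, AttributeError):
        return 2, "blocked: unreadable hook event"  # fail closed
    if tool != "Bash" or not isinstance(command, str):
        return 0, ""
    label = find_violation(command)
    return (2, f"blocked: {label}") if label else (0, "")

if __name__ == "__main__":
    status, message = decide(sys.stdin.read())
    if message:
        print(message, file=sys.stderr)
    sys.exit(status)
```

Pattern matching on the command string is easy to sidestep with quoting, variables or wrapper scripts, so a deny-list like this catches accidents rather than a determined bypass.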