From 6031c76c4a62d65281092f0165830b662b2cd266 Mon Sep 17 00:00:00 2001 From: Ikko Ashimine Date: Sun, 24 May 2026 22:38:01 +0900 Subject: [PATCH] feat(plugins): add skill-audit-mcp skill-audit-mcp is an MCP server + CLI that audits MCP server code for supply-chain attacks: credential exfiltration, prompt injection, command injection, hidden tool poisoning. 17 rule groups, 61 regexes. Co-Authored-By: Claude Opus 4.7 (1M context) --- README.md | 1 + plugins/skill-audit-mcp | 1 + 2 files changed, 2 insertions(+) create mode 100644 plugins/skill-audit-mcp diff --git a/README.md b/README.md index 9a06f9e4..bda72c90 100644 --- a/README.md +++ b/README.md @@ -710,6 +710,7 @@ The `asdf` core provides a [security policy](https://github.com/asdf-vm/asdf/sec | Sinker | [elementalvoid/asdf-sinker](https://github.com/elementalvoid/asdf-sinker) | | Skaffold | [nklmilojevic/asdf-skaffold](https://github.com/nklmilojevic/asdf-skaffold) | | skate | [chessmango/asdf-skate](https://github.com/chessmango/asdf-skate) | +| skill-audit-mcp | [eltociear/asdf-skill-audit-mcp](https://github.com/eltociear/asdf-skill-audit-mcp) | | Sloth | [slok/asdf-sloth](https://github.com/slok/asdf-sloth) | | smithy | [aws/asdf-smithy](https://github.com/aws/asdf-smithy) | | SML/NJ | [samontea/asdf-smlnj](https://github.com/samontea/asdf-smlnj) | diff --git a/plugins/skill-audit-mcp b/plugins/skill-audit-mcp new file mode 100644 index 00000000..9f191a04 --- /dev/null +++ b/plugins/skill-audit-mcp @@ -0,0 +1 @@ +repository = https://github.com/eltociear/asdf-skill-audit-mcp.git