Part of the Cognis Neural Suite by Cognis Digital Cognis Open Collaboration License (COCL) v1.0 · domain:
ai-security
MCP server hardening linter — capability declarations, transport, tool descriptions.
AI Security & Governance — securing LLMs, agents, and the MCP supply chain.
- Install the linter:
pip install cognis-mcpharden
- Audit a single MCP server manifest —
audittakes a manifest path and prints a findings table:mcpharden audit path/to/mcp-server.json
- Scan a directory of manifests and gate on severity.
scanwalks a file or directory;--min-severityfilters the report and--fail-oncontrols the exit code:mcpharden scan demos/ --min-severity low --fail-on high
- Read the output in a machine format.
--formatacceptstable(default),json,sarif, orhtml;--outwrites to a file instead of stdout:List the detection rules behind those findings withmcpharden scan demos/ --format sarif --out mcpharden.sarif # exit code is non-zero when a finding >= --fail-on is present echo $?
mcpharden rules. - Automate in CI — fail the build on high-severity findings and upload SARIF to code scanning:
To expose it to agents instead, run
- run: pip install cognis-mcpharden - run: mcpharden scan . --format sarif --out mcpharden.sarif --fail-on high - uses: github/codeql-action/upload-sarif@v3 with: { sarif_file: mcpharden.sarif }
mcpharden mcp(stdio JSON-RPC MCP server).
Security and intelligence teams need MCP server hardening linter — capability declarations, transport, tool descriptions without standing up heavyweight infrastructure. mcpharden is single-purpose, scriptable, CI-friendly, and self-hostable: point it at a target, get prioritized findings in the format your workflow already speaks (table, JSON, SARIF, HTML), and wire it into agents over MCP when you want it autonomous.
pip install cognis-mcpharden
# or, from this repo:
pip install -e ".[dev]"mcpharden --version
mcpharden scan demos/ # run against the bundled demo
mcpharden scan demos/ --format sarif --out r.sarif --fail-on high
mcpharden scan demos/ --format html --out report.html
mcpharden mcp # expose as an MCP server (Cognis.Studio / Claude Desktop / Cursor)Each scenario folder includes a SCENARIO.md describing the situation and the findings to expect.
- Table (default) — human-readable terminal summary
- JSON — machine-readable findings for pipelines
- SARIF — drops into GitHub code-scanning / IDE problem panes
- HTML — shareable report with severity rollups
Cognis composes and credits the best of open source. This tool builds on / interoperates with:
ModelContextProtocol-Security/mcpserver-audit— fork baseslowmist/MCP-Security-Checklist— checklist source
Missing a credit? Open a PR — see CONTRIBUTING.md.
mcpharden is one of 52 tools in the Cognis Neural Suite. Every tool ships an MCP server, so Cognis.Studio agents can call them as scoped capabilities.
Sibling tools in ai-security: aegis, promptmirror, ledgermind, adversa, guardpost, hallumark, aicard, biascope, agentlog, ragshield
- Design notes:
docs/ARCHITECTURE.md - Planned work:
ROADMAP.md
PRs, new detections, and demo scenarios are welcome under the collaboration-pull model. See CONTRIBUTING.md and SECURITY.md.
mcpharden composes with the 300+ tool Cognis suite — JSON in/out and a shared
OpenAI-compatible /v1 backbone. See INTEROP.md for the
suite map, composition patterns, and reference stacks.
Forward mcpharden's findings to STIX/MISP/Sigma/Splunk/Elastic/Slack/webhooks via
cognis-connect. See INTEGRATIONS.md.
Source-available under the Cognis Open Collaboration License (COCL) v1.0 — free for personal, internal-evaluation, research, and educational use; commercial / production use requires a license (licensing@cognis.digital). See LICENSE.
This is dual-use security software. Use it only against systems, data, and identities you own or are explicitly authorized in writing to test, and in compliance with applicable law.
Cognis Digital — Wyoming, USA · Making Tomorrow Better Today: Advanced Cybersecurity, AI Innovation, and Blockchain Expertise.