MCP Shield
ActionsAbout
Tags
(2)GitHub Action that scans MCP servers for security issues, compliance gaps, and risk factors.
Uses mcp-shield-cli — automated checks across compliance, security, and advisory suites.
name: MCP Shield
on: [push, pull_request]
permissions:
contents: read
pull-requests: write
security-events: write
jobs:
scan:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: '22'
- uses: thuggeelya/mcp-shield-action@v1
with:
server: 'node dist/index.js'| Input | Required | Default | Description |
|---|---|---|---|
server |
yes | — | Server command (e.g., node dist/index.js, npx -y @foo/bar) |
fail-on |
no | high |
Minimum severity to fail CI: critical, high, medium, low, any |
comment |
no | true |
Post scan results as PR comment |
badge |
no | true |
Generate badge URL in outputs |
ml |
no | false |
Enable ML-based prompt injection detection |
sarif |
no | true |
Generate SARIF report and upload to GitHub Code Scanning |
version |
no | latest |
mcp-shield-cli version to install |
| Output | Description |
|---|---|
score |
Numeric score (0-100) |
grade |
Letter grade (A+ to F) |
badge-url |
shields.io badge URL |
report-json |
Path to JSON report file |
report-sarif |
Path to SARIF report file |
Add a badge to your README after a successful scan:
[-brightgreen)](https://github.com/thuggeelya/mcp-shield)The Action outputs a badge-url you can use directly:
- uses: thuggeelya/mcp-shield-action@v1
id: shield
with:
server: 'node dist/index.js'
- run: echo "Badge: ${{ steps.shield.outputs.badge-url }}"When comment: true (default) and triggered by a pull request, the Action posts a detailed report with specific findings, affected tools/fields, and actionable recommendations:
Score: 57/100 (Grade: D) Checks: 22 | Passed: 13 | Failed: 1 | Warnings: 7
❌ SEC-004 FAIL — Found 5 dangerous operation(s) (CWE-78, CWE-250)
[high] Destructive operation: delete_pod[high] Destructive operation: delete_deployment[high] Exec operation: exec_command
⚠️ SEC-002 WARN — Found 3 potential injection vector(s) (CWE-78, CWE-89)
[high] Potential injection vector: run_query.sql[medium] Unconstrained path field: read_file.path🔴 Block dangerous operations (5 found)
Review and restrict destructive/exec tools, or use mcp-shield proxy with --deny Affected:
delete_pod,delete_deployment,exec_command
By default (sarif: true), the Action generates a SARIF 2.1.0 report and uploads it to GitHub's Security tab via codeql-action/upload-sarif. Results appear under Security → Code scanning alerts with CWE references and severity scores.
No extra configuration needed — it works out of the box.
To disable SARIF upload:
- uses: thuggeelya/mcp-shield-action@v1
with:
server: 'node dist/index.js'
sarif: false- uses: thuggeelya/mcp-shield-action@v1
with:
server: 'node dist/index.js'
fail-on: medium- uses: thuggeelya/mcp-shield-action@v1
with:
server: 'node dist/index.js'
ml: true- uses: thuggeelya/mcp-shield-action@v1
with:
server: 'npx -y @modelcontextprotocol/server-memory'- uses: thuggeelya/mcp-shield-action@v1
id: shield
with:
server: 'node dist/index.js'
fail-on: critical
- run: |
echo "Score: ${{ steps.shield.outputs.score }}"
echo "Grade: ${{ steps.shield.outputs.grade }}"
if [ "${{ steps.shield.outputs.score }}" -lt 50 ]; then
echo "::warning::Low security score"
fiApache 2.0
MCP Shield is not certified by GitHub. It is provided by a third-party and is governed by separate terms of service, privacy policy, and support documentation.