Audit Database

v1.0.0Securitystable

Community-maintained database of MCP server audit results and security assessments. Contains structured audit findings, compliance reports, and security ratings to help organizations evaluate MCP server safety and make informed deployment decisions.

audit-dbmcpai-integration
Share:
10
Stars
0
Downloads
0
Weekly
0/5

What is Audit Database?

Audit Database is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to community-maintained database of mcp server audit results and security assessments. contains structured audit findings, compliance reports, and security ratings to help organizations evaluate mcp serv...

Community-maintained database of MCP server audit results and security assessments. Contains structured audit findings, compliance reports, and security ratings to help organizations evaluate MCP server safety and make informed deployment decisions.

This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.

Features

  • Community-maintained database of MCP server audit results an

Use Cases

Access structured audit findings and security assessments for MCP servers.
Review compliance reports and security ratings before deployment.
LicenseApache-2.0
Languagepython
Versionv1.0.0
UpdatedMay 17, 2026
Statushealthy
Maintenanceactive

Works with

ClaudeOpenAIwindowsmacoslinux

Installation

Manual Installation

npx audit-db

Configuration

Configuration Details

Config File

claude_desktop_config.json

Performance

Response Metrics

Response Time< 200ms
ThroughputMedium

Resource Usage

Memory UsageLow
CPU UsageLow

How to Set Up and Use Audit Database

The Audit Database (audit-db) is a community-maintained, open-source repository of structured security audits and compliance assessments for Model Context Protocol servers. It stores standardized JSON manifests and detailed markdown reports covering findings, severity ratings, CWE references, tools used, and reproduction steps. Organizations can query the database to evaluate MCP server safety before deployment, submit their own audit results, and programmatically integrate findings into their security toolchains using the included Python utilities.

Prerequisites

  • Python 3.9 or higher installed
  • Git installed to clone the repository
  • Node.js 18+ for TypeScript-based tooling in the repository
  • Familiarity with JSON schema and MCP server concepts
  • A MCP-compatible AI client such as Claude Desktop
1

Clone the audit-db repository

Clone the community repository to get the full database of audit results and the included Python utilities.

git clone https://github.com/ModelContextProtocol-Security/audit-db.git
cd audit-db
2

Explore the audit database structure

The repository organizes audits in a standardized directory layout. Each audit contains an audit-manifest.json with fields like audit_id, auditor, target, findings_summary, tools_used, compliance_checks, and references. Browse available audits to understand what has already been assessed.

ls audits/
cat audits/<server-name>/audit-manifest.json
3

Validate an audit submission

Before submitting your own audit, use the provided validate-audit.py tool to check that your JSON manifest conforms to the required schema. This catches missing required fields such as Finding ID, Severity, Category, and CWE reference.

python tools/validate-audit.py --path path/to/your/audit-manifest.json
4

Rebuild search indexes

After adding new audit entries, regenerate the search index so the database reflects the latest findings. This is also useful after pulling upstream changes.

python tools/generate-index.py
5

Add audit-db as an MCP resource in Claude Desktop

Since audit-db is a data repository rather than a running server, the most practical integration is to point Claude Desktop at the local checkout so the AI can reference audit findings. Add the path to your local clone in the MCP configuration.

Audit Database Examples

Client configuration

Because audit-db is a data repository, a typical integration uses a filesystem MCP server pointing to the local clone so Claude can read audit manifests and reports.

{
  "mcpServers": {
    "audit-db": {
      "command": "npx",
      "args": ["-y", "@modelcontextprotocol/server-filesystem", "/absolute/path/to/audit-db"]
    }
  }
}

Prompts to try

Ask Claude to reference audit findings from the local database to support deployment decisions.

- "What security findings exist for the GitHub MCP server in the audit database?"
- "Summarize the compliance checks and severity ratings for any audited filesystem MCP servers."
- "Which audited MCP servers have critical severity findings with CWE references?"

Troubleshooting Audit Database

validate-audit.py reports missing required fields

Open your audit-manifest.json and ensure all required top-level keys are present: audit_id, auditor, target, audit_metadata, findings_summary, tools_used, compliance_checks, and references. Use the provided template in the repository's /templates directory as a starting point.

generate-index.py fails with a FileNotFoundError

Run the script from the root of the repository (cd audit-db) so it can find the /audits directory. Make sure the audits folder exists and contains at least one valid subdirectory with an audit-manifest.json file.

Claude cannot read audit files through the filesystem MCP server

Verify the absolute path in your MCP config points to the repository root (e.g., /Users/you/audit-db not a subdirectory). Restart Claude Desktop after saving the config file.

Frequently Asked Questions about Audit Database

What is Audit Database?

Audit Database is a Model Context Protocol (MCP) server that community-maintained database of mcp server audit results and security assessments. contains structured audit findings, compliance reports, and security ratings to help organizations evaluate mcp server safety and make informed deployment decisions. It connects AI assistants to external tools and data sources through a standardized interface.

How do I install Audit Database?

Follow the installation instructions on the Audit Database GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.

Which AI clients work with Audit Database?

Audit Database works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.

Is Audit Database free to use?

Yes, Audit Database is open source and available under the Apache-2.0 license. You can use it freely in both personal and commercial projects.

Audit Database Alternatives — Similar Security Servers

Looking for alternatives to Audit Database? Here are other popular security servers you can use with Claude, Cursor, and VS Code.

Casdoor

13.6k

An open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD

ghidraMCP

9.0k

An Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through

HexStrike AI

8.9k

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b

IDA Pro MCP

8.7k

Enables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.

Anthropic Cybersecurity Skills

6.6k

754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform

Hooker

5.1k

🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u

Browse More Security MCP Servers

Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.

Quick Config Preview

{ "mcpServers": { "audit-db": { "command": "npx", "args": ["-y", "audit-db"] } } }

Add this to your claude_desktop_config.json or .cursor/mcp.json

Read the full setup guide →

Ready to use Audit Database?

Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.

33,000+ ServersFree & Open SourceStep-by-Step Guides