MCP security
Code quality and security audit: what is solid, what still needs work
Summary of the June 9, 2026 audit: supply chain, SQL, credentials, MCP hardening, config destruction and API disclosure.
Verdict
1 high, 2 medium, 1 low. The code is considered well hardened for such a young project, but several points still need fixes.
Strengths
The audit notes a client with no runtime dependencies, no install hooks, no dynamic code, no committed secrets, parameterized SQL and hardened credential handling.
The report also notes real prompt injection mitigation in the Hermes adapter, with an explicit fence around untrusted context.
The high finding
The most serious issue is silent configuration destruction if a JSON or YAML settings file is corrupt. A backup exists, but the user is not clearly alerted.
The expected fix is to fail fast or show an explicit warning before resetting an unreadable config.
Rerun the test
pip-audit && python scripts/run_mcp_security_suite.py