MCP Server Security Checklist: 23 Things to Audit Before You Install

Source: DEV Community
Every MCP server you install runs inside your Claude or Cursor session with access to your filesystem, environment variables, and network. Most developers install them without a second thought. This checklist covers everything you should verify before connecting an MCP server to your AI environment.

The Risk Model

MCP servers are trusted by design. When Claude calls a tool, it executes code on your machine. A malicious or poorly written server can:

- Read files anywhere on your filesystem
- Access environment variables (including API keys)
- Make outbound HTTP requests to arbitrary URLs
- Execute shell commands
- Exfiltrate data through error messages or side channels

I scanned 50 open-source MCP servers and found vulnerabilities in 43 of them. Here's what I looked for.

Pre-Install Checklist

1. Source Verification

- [ ] Is the repository from a known, reputable author or organization?
- [ ] Does the package on npm/PyPI match the linked GitHub repository?
- [ ] Is the package name suspiciously similar
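The second Source Verification item (does the npm/PyPI package point at the GitHub repository you were linked to?) is easy to get wrong by eye, because registries spell the same repo as `git+https://...git`, `git@github.com:...`, `github:owner/repo` or a `#readme` anchor, and a lookalike host such as `github.com.evil.example` reads as GitHub at a glance. The following added example (not from the article) normalizes those forms and flags a record whose links point anywhere but the claimed repo; the package records and repo names are constructed samples shaped like npm's `package.json` and PyPI's `info` object.

```python
"""Registry-vs-repository check for the 'Source Verification' step."""
import re

# Every spelling of a GitHub URL that npm/PyPI metadata uses in practice.
GITHUB_RE = re.compile(
    r"^(?:git\+)?(?:https?://|ssh://git@|git://|git@)?(?:www\.)?github\.com[:/]"
    r"(?P<owner>[^/]+)/(?P<repo>[^/#?]+)",
    re.IGNORECASE,
)
SHORTHAND_RE = re.compile(r"^(?:github:)?([\w.-]+)/([\w.-]+)$")  # npm "github:owner/repo"

# Constructed sample records (not real packages), shaped like registry responses.
CLAIMED = "https://github.com/example-org/example-mcp-server"  # repo linked from the README
NPM_OK = {
    "name": "example-mcp-server",
    "repository": {"type": "git", "url": "git+https://github.com/Example-Org/example-mcp-server.git"},
    "homepage": "https://github.com/example-org/example-mcp-server#readme",
}
PYPI_MISMATCH = {
    "name": "example-mcp-server",
    "project_urls": {
        "Homepage": "https://github.com/example-org/example-mcp-server",
        "Source": "https://github.com/someone-else/lookalike-fork",  # points elsewhere
    },
}


def normalize_github(url):
    """Reduce any GitHub URL form to lowercase 'owner/repo'; None for non-GitHub or lookalike hosts."""
    if not url:
        return None
    m = SHORTHAND_RE.match(url.strip()) or GITHUB_RE.match(url.strip())
    if not m:
        return None
    owner, repo = m.groups()
    if repo.lower().endswith(".git"):
        repo = repo[:-4]
    return f"{owner}/{repo}".lower()


def audit_repository(metadata, claimed_url):
    """Compare where the registry record points with the repo the install instructions link."""
    repo = metadata.get("repository")  # npm: a string or {"type": ..., "url": ...}
    if isinstance(repo, dict):
        repo = repo.get("url")
    candidates = [repo, metadata.get("homepage"), *metadata.get("project_urls", {}).values()]
    declared = sorted({slug for slug in map(normalize_github, candidates) if slug})
    claimed = normalize_github(claimed_url)
    # Pass only if at least one GitHub link exists and every one of them is the claimed repo.
    return {"claimed": claimed, "declared": declared, "ok": bool(claimed) and declared == [claimed]}


if __name__ == "__main__":
    for label, record in (("npm record", NPM_OK), ("PyPI record", PYPI_MISMATCH)):
        print(label, audit_repository(record, CLAIMED))
```

In practice you feed `audit_repository` the `repository`/`homepage` fields from the npm registry or the `info` object from PyPI's JSON API, and treat any `ok: False` result as a reason to stop and read the package contents before installing.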