SkillsSkill 4: Scan MCP Servers Before Deployment with mcpserver-audit and Snyk agent-scanModelContextProtocol-Security/mcpserver-audit (Cloud Security Alliance)·medium signal1. Install mcpserver-audit from the ModelContextProtocol-Security GitHub orgSourceSource pageModelContextProtocol-Security/mcpserver-audit (Cloud Security Alliance)↳ Follow the threadShared entity / Stack layerGoose v1.40.0 Adds a Local 'goose review' Command and Peek Mode for Async Background TasksGitHubShared entity / Stack layerSnyk's Evo Agentic Development Security Hit GA June 29 — an Enforcement Layer That Polices MCP Servers and Coding Agents at RuntimeSiliconANGLEShared entity / Stack layerMitigating Taint-Style MCP Server Vulnerabilities Without Touching Server Code (SPELLSMITH)arXivShared entity / Stack layerScan for MCP prompt injection at a centralized control plane, and treat every tool response as untrustedObot AIShared entity / Threat patternTip: Harden Any MCP Server You Run Locally — Bind to 127.0.0.1 and Require Auth on Management EndpointsAdversa AIShared entityKent C. Dodds Bets on a 'Post-Browser Era' — 'Jarvis' MCP Clients Replace the Browser, Wired Through MCP-UIEpic AI (Kent C. Dodds)Shared entityMicrosoft's Sales Agent and Service Agent reach general availability across Microsoft 365 Copilot and Dynamics 365Microsoft 365 Copilot BlogShared entity / Policy dependencyRoots, Sampling, and Logging are deprecated — new capabilities now ship as opt-in extensionsModel Context Protocol Blog