Rust workspace that scans repositories for SAFE-MCP techniques. It ships a CLI (`safe-mcp-scan`) and an MCP server (`safe-mcp-analyzer`) that call the shared engine.

- Prereqs: Rust stable, a provider key in config or env (OpenAI/Anthropic), and the `schemas/technique.schema.json` path if running outside the repo root.
- CLI example:

  ```sh
  cargo run -p cli -- --provider openai --model-name gpt-4o-mini \
    T1001 --repo /path/to/repo \
    --schema $(pwd)/schemas/technique.schema.json \
    --json [--llm-review]
  ```

- MCP server: `cargo run -p server --bin safe-mcp-analyzer` (configure providers/filters in YAML/JSON).
- Batch scans: `./run_scans.sh` runs all specs under `techniques/`, continues on failures, and writes `scan_outputs/*.json`.
- Specs: active techniques in `techniques/` (top set), additional specs in `techniques_backup/`.
- SAFE-MCP corpus (gitignored): `safe-mcp/README.md`, `safe-mcp/techniques/<ID>/README.md`, `safe-mcp/techniques/prioritized-techniques.md`, mitigations under `safe-mcp/mitigations/`.
- Schema: `schemas/technique.schema.json` (pass `--schema` when running outside the repo root).
- Prompts include file path/extension/line range, a README excerpt, and rule hints; temperature is pinned to 0.
- Path filters: include/exclude globs/exts and `max_file_bytes` (0 disables); docs/manifests are allowed by default.
- Optional `--llm-review` post-filters findings; it is non-fatal on failure and reuses the configured OpenAI model/key.
- Evidence is mandatory (file, lines, snippet) for every finding; info-only findings do not fail the scan.
- See `AGENTS.md` for the contributor workflow, commands to run, and coding/testing conventions.
- License: Apache 2.0 (see `LICENSE`). Don't commit changes to the `safe-mcp/` corpus.
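The path-filter bullet above packs several rules into one line. The following is an added example, not code from this workspace, showing how those rules compose: exclude globs, include globs, an extension allow-list with docs/manifests passing by default, and a `max_file_bytes` ceiling where 0 disables the check. The glob dialect (`*` matches any run including `/`, `?` one character), the struct and field names, and the default docs/manifest list are all assumptions made for the example.

```rust
// Added example, not code from the safe-mcp-scan workspace. Models the README's
// path-filter semantics; names, the glob dialect and the docs/manifest list are
// assumptions for illustration.

#[derive(Debug, Clone, PartialEq, Eq)]
pub enum Decision {
    Scan,
    Skip(&'static str),
}

#[derive(Debug, Clone, Default)]
pub struct PathFilter {
    /// Include globs; empty means every path is a candidate.
    pub include: Vec<String>,
    /// Exclude globs; any match rejects the path.
    pub exclude: Vec<String>,
    /// Allowed extensions without the dot; empty means any extension.
    pub exts: Vec<String>,
    /// Size ceiling in bytes; 0 disables the check.
    pub max_file_bytes: u64,
}

/// Basenames treated as docs/manifests and allowed regardless of `exts`
/// (assumed list; the project's real default set is not shown on the page).
const DEFAULT_DOCS_AND_MANIFESTS: &[&str] = &[
    "README.md", "Cargo.toml", "package.json", "pyproject.toml", "go.mod",
];

/// Minimal wildcard matcher: `*` = any run (including `/`), `?` = one char.
fn glob_match(pattern: &str, text: &str) -> bool {
    let p: Vec<char> = pattern.chars().collect();
    let t: Vec<char> = text.chars().collect();
    let (mut pi, mut ti) = (0usize, 0usize);
    // Where to resume if the most recent `*` has to absorb more text.
    let mut star: Option<(usize, usize)> = None;
    while ti < t.len() {
        if pi < p.len() && (p[pi] == '?' || p[pi] == t[ti]) {
            pi += 1;
            ti += 1;
        } else if pi < p.len() && p[pi] == '*' {
            star = Some((pi + 1, ti));
            pi += 1;
        } else if let Some((sp, st)) = star {
            pi = sp;
            ti = st + 1;
            star = Some((sp, st + 1));
        } else {
            return false;
        }
    }
    while pi < p.len() && p[pi] == '*' {
        pi += 1;
    }
    pi == p.len()
}

fn basename(path: &str) -> &str {
    path.rsplit('/').next().unwrap_or(path)
}

fn extension(path: &str) -> Option<&str> {
    let name = basename(path);
    name.rfind('.').map(|i| &name[i + 1..]).filter(|e| !e.is_empty())
}

impl PathFilter {
    /// Decide whether a file is handed to the scanner. Checks run in the order
    /// exclude, include, extension, size, so the cheapest rejection wins.
    pub fn decide(&self, path: &str, size_bytes: u64) -> Decision {
        if self.exclude.iter().any(|g| glob_match(g, path)) {
            return Decision::Skip("matched exclude glob");
        }
        if !self.include.is_empty() && !self.include.iter().any(|g| glob_match(g, path)) {
            return Decision::Skip("matched no include glob");
        }
        let is_doc_or_manifest = DEFAULT_DOCS_AND_MANIFESTS.contains(&basename(path));
        if !self.exts.is_empty() && !is_doc_or_manifest {
            match extension(path) {
                Some(ext) if self.exts.iter().any(|e| e.eq_ignore_ascii_case(ext)) => {}
                _ => return Decision::Skip("extension not allowed"),
            }
        }
        // 0 disables the size ceiling entirely.
        if self.max_file_bytes != 0 && size_bytes > self.max_file_bytes {
            return Decision::Skip("exceeds max_file_bytes");
        }
        Decision::Scan
    }
}

fn main() {
    let filter = PathFilter {
        include: vec!["src/*".into(), "*.md".into()],
        exclude: vec!["target/*".into(), "*/vendor/*".into()],
        exts: vec!["rs".into(), "py".into()],
        max_file_bytes: 1_048_576,
    };
    // Constructed sample inputs: (path, size in bytes).
    let samples = [
        ("src/main.rs", 4_096u64),
        ("src/vendor/lib.rs", 4_096),
        ("src/huge.rs", 5_000_000),
        ("README.md", 2_048),
        ("src/notes.txt", 10),
        ("target/debug/build.rs", 100),
    ];
    for (path, size) in samples {
        println!("{path:<24} -> {:?}", filter.decide(path, size));
    }
}
```

Exclude runs before include so a vendored file inside an included tree is still dropped, and the size check is last because it is the only one that needs a `stat` in a real scanner.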
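The evidence bullet states two contracts: every finding must carry a file, a line range and a snippet, and info-only findings must not fail the scan. This added example, not the project's own code, enforces both as a validation gate on the finding list before a result is reported; the struct layout, the severity ladder and the exit-code mapping are assumptions made for the example.

```rust
// Added example, not code from the safe-mcp-scan workspace. Struct layout,
// severity ladder and exit-code mapping are assumptions for illustration.

#[derive(Debug, Clone, Copy, PartialEq, Eq, PartialOrd, Ord)]
pub enum Severity {
    Info,
    Low,
    Medium,
    High,
}

#[derive(Debug, Clone)]
pub struct Evidence {
    pub file: String,
    pub start_line: u32,
    pub end_line: u32,
    pub snippet: String,
}

#[derive(Debug, Clone)]
pub struct Finding {
    pub technique_id: String,
    pub severity: Severity,
    pub evidence: Option<Evidence>,
}

#[derive(Debug, Clone, PartialEq, Eq)]
pub enum ScanOutcome {
    /// No findings above Info (or none at all): the scan passes.
    Pass,
    /// At least one finding above Info: the scan fails.
    Fail,
    /// A finding arrived without usable evidence: the report is rejected
    /// rather than trusted, since evidence is mandatory.
    Invalid(String),
}

/// Enforce the evidence contract for a single finding.
pub fn validate(f: &Finding) -> Result<(), String> {
    let ev = f
        .evidence
        .as_ref()
        .ok_or_else(|| format!("{}: finding has no evidence", f.technique_id))?;
    if ev.file.trim().is_empty() {
        return Err(format!("{}: evidence.file is empty", f.technique_id));
    }
    // Lines are 1-based; a reversed range is as useless as a missing one.
    if ev.start_line == 0 || ev.end_line < ev.start_line {
        return Err(format!(
            "{}: bad line range {}-{}",
            f.technique_id, ev.start_line, ev.end_line
        ));
    }
    if ev.snippet.trim().is_empty() {
        return Err(format!("{}: evidence.snippet is empty", f.technique_id));
    }
    Ok(())
}

/// Validate every finding, then gate pass/fail on severity above Info.
pub fn scan_outcome(findings: &[Finding]) -> ScanOutcome {
    for f in findings {
        if let Err(e) = validate(f) {
            return ScanOutcome::Invalid(e);
        }
    }
    if findings.iter().any(|f| f.severity > Severity::Info) {
        ScanOutcome::Fail
    } else {
        ScanOutcome::Pass
    }
}

/// Assumed mapping for a CLI: 0 pass, 1 fail, 2 malformed report.
pub fn exit_code(outcome: &ScanOutcome) -> i32 {
    match outcome {
        ScanOutcome::Pass => 0,
        ScanOutcome::Fail => 1,
        ScanOutcome::Invalid(_) => 2,
    }
}

fn main() {
    // Constructed sample report; the snippet text is made up for the example.
    let report = vec![
        Finding {
            technique_id: "T1001".into(),
            severity: Severity::Info,
            evidence: Some(Evidence {
                file: "src/tools.rs".into(),
                start_line: 10,
                end_line: 12,
                snippet: "// informational only".into(),
            }),
        },
        Finding { technique_id: "T1001".into(), severity: Severity::High, evidence: None },
    ];
    let outcome = scan_outcome(&report);
    println!("{outcome:?} -> exit {}", exit_code(&outcome));
}
```

Rejecting an evidence-less finding outright, instead of silently dropping it, keeps a model that hallucinates a hit from turning into either a false alarm or a quietly lost signal; the operator sees a malformed report and can re-run.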