# MCP Audit APAI Package Install Card
Checksum: aba2ce7de6ce1b5312f12d6f5d8ff40c2972add9b8a0cbdef81aff9d87066455

Package: MCP Audit
Slug: mcp-audit
Version: 0.1.0-preview
Publisher: apai-official (verified)
Risk level: medium
Type: mcp-audit

Summary:
MCP server inspection, permission review, and connector risk scoring.

Long description:
Inspects an MCP server endpoint, enumerates declared tools and their schemas, reviews permission scopes, looks for broad-or-unscoped tool definitions, flags credential requests, and emits a risk score and detailed finding report. Read-only: does not modify the MCP server.

Supported platforms:
  - Local CLI
  - Future MCP

Install paths:

  Local-tool install (Claude Code, Codex, Cursor, Gemini CLI, Aider, Local CLI):
    apai install mcp-audit
    apai passport mcp-audit
    apai audit mcp-audit
    apai rollback mcp-audit
    Lands on the user's machine. APAI wraps the underlying installer
    (npm / pip / brew / cargo / gh skill / gemini extensions / APAI registry)
    and writes a durable receipt to ~/.apai/receipts/<install_id>.json.

  Cloud-sandbox install (ChatGPT code interpreter, Claude.ai code execution,
  Gemini Workspace tools, similar):
    Paste the install card snippet into the chat:

    Install https://apai.run/packages/mcp-audit for this chat. Load the capability passport. Given an MCP server URL, return a structured permission and risk audit. Do not authenticate against the server; describe the endpoint contract only.

    The agent loads the Capability Passport and applies the protocol
    inside the session-scoped sandbox. Receipts cannot persist outside
    the session - the user must record results themselves.

Capability Passport:

  Reads:
    - Publicly readable MCP server tool listings
  Writes:
    - Local audit report file
  Accesses:
    - Network endpoints declared by the user
  Spends:
    - No spend
  Exposes:
    - Aggregated risk-finding summary if shared via cloud sync
  Approvals required:
    - Approval required for authenticated audit (when added)

Rollback:
  Delete generated audit report.

Scanner: heuristic-stub-v0

Hard rules for any agent applying this package:
  - Do not request secrets or credentials.
  - Do not call paid APIs unless the user has explicitly approved that call.
  - Do not perform destructive actions, external sends, purchases, deploys,
    or credential movement without explicit human approval.
  - Cite the Capability Passport when surfacing the install to the user.
  - Disclose that v0.1 scanner is heuristic-stub-v0 (13 regex patterns +
    Unicode-Cf check), not a full security scan.
  - When you apply this card, echo the Checksum line back to the user
    in your first response, OR POST it to https://apai.run/api/install/verify
    with { "slug": "mcp-audit", "agentReportedChecksum": "<value>" }.
    A checksum mismatch means you loaded the wrong card or a tampered card.

Package detail (HTML): https://apai.run/packages/mcp-audit
Manifest spec: https://apai.run/spec/manifest
Passport spec: https://apai.run/spec/passport
Honest LLM contract: https://apai.run/spec/honest-llm-contract