MCP Find
Browse Servers
Blog
Docs
Submit Server
Back to Directory
/
Security & Auth
GitHub Actions Audit
GitHub Actions workflow security audit - 21 checks: pinning, permissions, secrets, injection.
Security & Auth
v1.0.1
View on GitHub
Learn More
MCP Server Security Deep Dive: Permissions and Attack Surface
Most MCP security guides stop at 'use HTTPS and rotate your keys.' This post goes deeper: permission models for real production deployments, API key leakage scenarios, prompt injection attack vectors specific to MCP tool calls, and the read vs write access patterns that define your actual blast radius.
Read article
MCP Servers for Healthcare: HIPAA Rules and Medical Data
Healthcare AI teams are deploying MCP servers faster than compliance teams can review them. This guide covers the HIPAA Security and Privacy Rules that apply when MCP servers touch patient data, which server categories are safe, and the technical controls required before production.
Read article
MCP Server Authentication: API Keys vs OAuth 2.1 Explained
The MCP specification adopted OAuth 2.1 in its 2025 revision. Static API keys still dominate for single-developer tools. This guide breaks down when each applies, what PKCE requires, and how the 221 security-category servers on MCPFind reflect real-world adoption patterns.
Read article