
owasp-mcp
✓ Official★ 1,200by microsoft · part of microsoft/hve-core
OWASP MCP Top 10 vulnerability knowledge base for identifying, assessing, and remediating security risks in Model Context Protocol environments - Brought to…
This is the playbook your agent receives when the skill activates — you don't need to read it to use the skill, but it's here to audit before installing.
by microsoft
OWASP MCP Top 10 vulnerability knowledge base for identifying, assessing, and remediating security risks in Model Context Protocol environments - Brought to…
npx skills add https://github.com/microsoft/hve-core --skill owasp-mcp
Download ZIPGitHub1.2k
OWASP MCP Top 10 — Skill Entry
This SKILL.md is the entrypoint for the MCP Vulnerabilities skill.
The skill encodes the OWASP MCP Top 10 (2025) as structured, machine-readable references that an agent can query to identify, assess, and remediate MCP security risks.
Normative references (MCP Top 10)
Skill layout
-
SKILL.md— this file (skill entrypoint). -
references/— the MCP Top 10 normative documents. -
00-vulnerability-index.md— index of all vulnerability identifiers, severities, and cross-references. -
01through10— one document per vulnerability aligned with OWASP MCP numbering.
npx skills add https://github.com/microsoft/hve-core --skill owasp-mcpRun this in your project — your agent picks the skill up automatically.
No common issues documented yet. If you hit a problem, the repository's GitHub Issues page is the best place to look.