Agent/MCP Audit Sprint

Sample evidence

Agent/MCP Audit Sample Reports

Three public-code samples show the paid sprint format: scoped evidence, boundary map, ranked findings, fix plan, and launch notes. They are independent samples, not private vulnerability disclosures.

Samples: 3 real public repos
Output: Boundary map + ranked findings
Automation: No-execution intake triage
Paid Sprint: USD $1,000 fixed

Sample 01

douban-mcp

Public MCP server and CLI with auth, cookie handling, external scraping, write-capable tools, and agent-facing output.

High: Remote SSE should document binding and exposure policy.
Medium: Write tools rely on env opt-in but need operator confirmation notes.
Low: Cookie validation can distinguish login from write readiness.
Pass: Cookie redaction paths cover common axios/pino shapes.

Sample 02

firecrawl-mcp-server

Public MCP server with hosted and local transports, OAuth/API-key auth, monitor tools, open-web actions, and local file parsing.

Medium: Remote transport exposure policy is scattered across code and docs.
Medium: Local file parse needs an explicit trust boundary.
Medium: CI builds, but does not prove auth/tool regressions stay fixed.
Low: Feedback write surfaces deserve retry/error regression tests.

Sample 03

browserbase/mcp-server-browserbase

Public browser automation MCP server with stdio and Streamable HTTP transports, Browserbase sessions, page actions, observation, and extraction tools.

Medium: HTTP transport needs an operator-facing exposure matrix.
Medium: Browser action tools need explicit launch-mode policy.
Low: Operational logs should be treated as sensitive artifacts.
Pass: Local install, build, and tests passed in the sample review.

Start path

Turn a public repo into a scoped paid sprint

  1. Open the audit intake issue with the public repo URL and highest concern.
  2. The automated triage clones the public repo, reads files, and posts scanner findings without executing target code.
  3. Scope is accepted for one repo or product slice.
  4. Payment is confirmed via ETH, SOL, or an agreed invoice-first path before work starts.