Audit any MCP server.json for official MCP spec compliance.
This tool comes from an official registry entry, is open source, and has recent updates, which are positive trust signals. It does execute code and connects to api.meok.ai, but the sparse documentation and missing README leave its network behavior and local data access boundaries unclear, so overall it warrants caution rather than high risk.
The materials explicitly state that no keys or environment variables are required. There is no indication that users must provide API tokens, account credentials, or other highly sensitive secrets, so credential exposure risk appears low.
It is known to contact the remote endpoint api.meok.ai. However, with no README, the materials do not explain what data is sent, whether the audited server.json content is uploaded, or what additional context may be transmitted. This creates ordinary network egress exposure, but there is no explicit red flag such as exfiltration to unrelated or multiple unknown endpoints.
System checks indicate that this MCP tool executes code or launches processes, which is a normal capability for this class of tool. The available materials do not show requests for unusual system privileges or clearly unrelated high-risk actions beyond auditing MCP configuration, so this is rated caution rather than risk.
Based on its stated purpose, it may need to read the target MCP server.json or related configuration files. However, the documentation does not specify whether it reads additional directories, writes results back, or retains data. The local data access boundary is not transparent, so least-privilege use is advisable.
Positive factors include an official registry source, open-source code, and updates within the last year. Cautions remain: the README is missing, the license is not declared, and community adoption is very low (0 stars), which limits auditability in practice and ecosystem validation; however, this alone is not enough to classify it as high risk.
Copy the install command and let the AI configure it · recommended for beginners
Please install the "io.github.CSOAI-ORG/mcp-spec-compliance-mcp" MCP server from askskill: Run: claude mcp add 'io-github-csoai-org-mcp-spec-compliance-mcp' -- npx -y mcp-spec-compliance-mcp
Please audit this MCP server.json against the official Model Context Protocol spec, list non-compliant items, assign risk levels, and provide fix recommendations.
A compliance audit report with issue list, severity notes, and actionable remediation steps.
Before releasing this MCP service, validate the server.json against the official spec, identify issues affecting compatibility or client integration, and summarize release readiness.
A pre-release assessment covering compatibility risks, blocking issues, and whether it is ready to ship.
Based on this non-compliant MCP server.json, explain each error and provide correction guidance or examples aligned with the official MCP spec.
Itemized explanations and fixes that help quickly bring the configuration into compliance.
Test MCP servers for spec compliance and quickly identify protocol issues.
Retrieve and verify audit regulations, clauses, and audit item references.
Connect to the mcp API via MCP to extend AI tool capabilities.
Run golden-file, schema-drift, and failure regression tests for any MCP server.
Convert any OpenAPI v3 spec into a working MCP server for AI integration.
Validate AI outputs against contracts and auto-repair noncompliant results.