OpenChainGraph Suite · CONTRACT A3 · arch #5

MCP Server Security Hardening

MCP tool definition linting > MCP server JSON validation > MCP OAuth authorisation audit > MCP tool-poisoning scan > MCP DNS-rebinding transport audit — composite MCP security mandate.

OpenChainGraph · 5 Steps infrastructure mandate Hash-Anchored §4 chain_depth:5 Client-Side · Zero PII
Chain Topology — Mcp Tool Definition Linter → Mcp Server Json Validator → Mcp Oauth Authorization Auditor → Mcp Tool Poisoning Scanner → Mcp Transport Dns Rebinding Auditor
§4 Execution Hash · Chain Definition Anchor
execution_hash:computing…
Market Rationale
Buyer: Platform Security Engineer / AI Infrastructure Architect
Forcing function: MCP 2025-03 spec; OWASP AI security; enterprise MCP deployment hardening requirements
Chain Stages · 5 Steps
1 ROOT · D0 catalog
Mcp Tool Definition Linter 274-mcp-tool-definition-linter
tool_definition_issues and schema_gaps feed Stage 2 MCP server JSON validation
2 D2 catalog
Mcp Server Json Validator 275-mcp-server-json-validator
server_json_errors and config_mismatches feed Stage 3 MCP OAuth audit
3 D3 catalog
Mcp Oauth Authorization Auditor 278-mcp-oauth-authorization-auditor
oauth_vulnerabilities and auth_gaps feed Stage 4 tool-poisoning scan
4 D4 catalog
Mcp Tool Poisoning Scanner 282-mcp-tool-poisoning-scanner
poisoning_risk_score and exploit_vectors feed Stage 5 DNS-rebinding audit
5 TERMINAL · D5 catalog
Mcp Transport Dns Rebinding Auditor 284-mcp-transport-dns-rebinding-auditor
transport_security_assessment and composite_mcp_mandate — final MCP security mandate
Export Artifacts
Download the §4 chain definition artifact (hash-anchored composite JSON) or the §13.11 W3C Verifiable Credentials view. Both derive from the chain definition — no new hash is minted. Available after hash computation.