
Add MCP Shield security scan #37

Open
thuggeelya wants to merge 5 commits into kimsungwhee:main from thuggeelya:add-mcp-shield-ci

Conversation


@thuggeelya thuggeelya commented Mar 4, 2026

Summary

Adds MCP Shield CI workflow for automated security scanning and security badge to README.
On every PR, the workflow posts a detailed comment with findings, affected tools, and recommendations.

Scan results

Score: 78/100 (Grade: B)
22 checks | 16 passed | 0 failed | 5 warnings

Findings

⚠️ COMP-009 WARN — 32 field(s) missing constraints

  • `search_apple_docs.query: string without maxLength`
  • `get_apple_doc_content.url: path-like field without pattern`
  • `list_technologies.category: string without maxLength`
  • `search_framework_symbols.framework: string without maxLength`
  • `search_framework_symbols.namePattern: string without maxLength`
  • ... and 15 more

⚠️ ADV-003 WARN — 1 tool(s) may perform bulk operations

  • `resolve_references_batch`

⚠️ ADV-005 WARN — 10 tool(s) access external network

  • `get_apple_doc_content (network verb, URL input field)`
  • `list_technologies (network verb)`
  • `search_framework_symbols (network verb)`
  • `get_related_apis (URL input field)`
  • `resolve_references_batch (URL input field)`
  • ... and 5 more

⚠️ SEC-002 WARN — Found 7 potential injection vector(s) (CWE-78, CWE-89, CWE-22)

  • `[medium] Potential injection vector: search_apple_docs.query`
  • `[medium] Unconstrained path field: get_apple_doc_content.url`
  • `[medium] Unconstrained path field: get_related_apis.apiUrl`
  • `[medium] Unconstrained path field: resolve_references_batch.sourceUrl`
  • `[medium] Unconstrained path field: get_platform_compatibility.apiUrl`
  • ... and 2 more

⚠️ SEC-003 WARN — Security score: 65/100 (7 finding(s))

Recommendations

🔴 Review injection risks (7 found) — Add maxLength/pattern to schemas, or --deny high-risk tools
Affected: `search_apple_docs.query`, `get_apple_doc_content.url`, `get_related_apis.apiUrl`, `resolve_references_batch.sourceUrl`, `get_platform_compatibility.apiUrl`, `find_similar_apis.apiUrl`, `search_wwdc_content.query`
🔵 Improve schemas (20 fields) — Add descriptions, maxLength, and pattern constraints to inputSchema fields
Affected: `search_apple_docs.query`, `get_apple_doc_content.url`, `list_technologies.category`, `search_framework_symbols.framework`, `search_framework_symbols.namePattern`, `get_related_apis.apiUrl`, `resolve_references_batch.sourceUrl`, `get_platform_compatibility.apiUrl`


MCP Shield · Check reference

Summary by CodeRabbit

  • Documentation

    • Added MCP Shield status badge to project README.
  • Chores

    • Added GitHub Actions workflow for continuous integration.
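The COMP-009 and SEC-002 findings above come down to two missing schema constraints: string fields with no maxLength, and URL/path-like fields with no pattern. As an added example (not code from the PR, the apple-docs-mcp project or MCP Shield), the JavaScript below lints a set of MCP tool definitions for exactly those two gaps and shows the constrained schema rejecting an over-long query and an off-host URL. The tool and field names are taken from the findings; the schema bodies, the 200/2048 length bounds and the developer.apple.com URL pattern are constructed assumptions for illustration, not the project's real definitions.

```javascript
// Added example; not code from the PR, the apple-docs-mcp project, or MCP Shield.
// A small linter over MCP tool inputSchema definitions that reproduces two of the
// finding classes in the scan above: string fields with no maxLength (COMP-009)
// and URL/path-like string fields with no pattern (SEC-002). Tool and field names
// come from the findings; the schemas and the allowed-host pattern are constructed
// here and are assumptions, not the project's real definitions.

const PATH_LIKE = /(url|uri|path|file|dir)$/i;

// Return one finding per missing constraint on the tool's string fields.
function lintTool(tool) {
  const findings = [];
  const props = (tool.inputSchema && tool.inputSchema.properties) || {};
  for (const [name, schema] of Object.entries(props)) {
    if (schema.type !== 'string') continue;
    const field = `${tool.name}.${name}`;
    if (typeof schema.maxLength !== 'number') {
      findings.push({ check: 'COMP-009', field, detail: 'string without maxLength' });
    }
    if (PATH_LIKE.test(name) && !schema.pattern && !schema.format) {
      findings.push({ check: 'SEC-002', field, detail: 'unconstrained path field' });
    }
  }
  return findings;
}

function lintTools(tools) {
  return tools.flatMap(lintTool);
}

// Enforce the two constraints on an incoming value, the way a server should
// before acting on a tool argument; returns the list of violations (empty = ok).
function validateString(schema, value) {
  if (typeof value !== 'string') return ['not a string'];
  const errors = [];
  if (typeof schema.maxLength === 'number' && value.length > schema.maxLength) {
    errors.push(`length ${value.length} exceeds maxLength ${schema.maxLength}`);
  }
  if (schema.pattern && !new RegExp(schema.pattern).test(value)) {
    errors.push('does not match pattern');
  }
  return errors;
}

// Constructed "before": the shape the scan flagged (no bounds, no pattern).
const unconstrainedTools = [
  {
    name: 'search_apple_docs',
    inputSchema: { type: 'object', required: ['query'],
      properties: { query: { type: 'string' } } },
  },
  {
    name: 'get_apple_doc_content',
    inputSchema: { type: 'object', required: ['url'],
      properties: { url: { type: 'string' } } },
  },
];

// Constructed "after": bounded query length, and the URL pinned to one HTTPS host
// and path prefix (the host is an assumption for illustration).
const DOC_URL_PATTERN = '^https://developer\\.apple\\.com/documentation/[A-Za-z0-9/_.-]+$';
const hardenedTools = [
  {
    name: 'search_apple_docs',
    inputSchema: { type: 'object', required: ['query'],
      properties: { query: { type: 'string', maxLength: 200,
        description: 'Search terms for Apple documentation' } } },
  },
  {
    name: 'get_apple_doc_content',
    inputSchema: { type: 'object', required: ['url'],
      properties: { url: { type: 'string', maxLength: 2048, pattern: DOC_URL_PATTERN,
        description: 'Apple documentation page URL' } } },
  },
];

// Stand-alone run: lint both sets and show the validator rejecting bad input.
for (const f of lintTools(unconstrainedTools)) console.log(`${f.check} ${f.field}: ${f.detail}`);
console.log('hardened findings:', lintTools(hardenedTools).length);
const urlSchema = hardenedTools[1].inputSchema.properties.url;
console.log(validateString(urlSchema, 'https://developer.apple.com/documentation/swiftui/view'));
console.log(validateString(urlSchema, 'https://example.com/documentation/swiftui/view'));
```

Running it lists the three findings on the unconstrained set (one COMP-009 per string field, plus a SEC-002 on the url field), reports zero findings on the hardened set, and shows the validator accepting an in-host documentation URL while rejecting one on another host.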


coderabbitai Bot commented Mar 4, 2026

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

  • @coderabbitai resume to resume automatic reviews.
  • @coderabbitai review to trigger a single review.


No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: c9c9d4ec-7e95-4d71-b879-d94caa32e9ca

📥 Commits

Reviewing files that changed from the base of the PR and between 72ce34b and 14393a6.

📒 Files selected for processing (1)
  • README.md
✅ Files skipped from review due to trivial changes (1)
  • README.md

📝 Walkthrough

Adds a new GitHub Actions workflow "MCP Shield" that runs on pushes and pull requests to main, and inserts an MCP Shield badge into the README.

Changes

| Cohort / File(s) | Summary |
| --- | --- |
| GitHub Actions Workflow: ./.github/workflows/mcp-shield.yml | New CI workflow triggered on push and pull_request to main. Adds job scan on ubuntu-latest that checks out the repo, sets up pnpm v9 and Node.js 20 (with pnpm cache), installs with pnpm install --frozen-lockfile, runs pnpm run build, and executes thuggeelya/mcp-shield-action@644c14893e14c6b79aee14a5335ac3f9b12b08a4 with server: 'node dist/index.js'. |
| Documentation: README.md | Inserted an MCP Shield badge (added after existing npm version badge). No code or API changes. |

Sequence Diagram(s)

sequenceDiagram
    participant GitHub as GitHub Actions
    participant Runner as ubuntu-latest Runner
    participant Repo as Repository (checkout)
    participant PNPM as pnpm / Node 20 setup
    participant Build as Build step (pnpm run build)
    participant MCP as MCP Shield Action

    rect rgba(200,200,255,0.5)
    GitHub->>Runner: trigger on push/pr to main
    end

    Runner->>Repo: actions/checkout
    Runner->>PNPM: setup pnpm v9 + Node 20 (with cache)
    PNPM-->>Runner: environment ready
    Runner->>Repo: pnpm install --frozen-lockfile
    Runner->>Build: pnpm run build
    Build-->>Runner: build artifacts (dist/)
    Runner->>MCP: run thuggeelya/mcp-shield-action with server 'node dist/index.js'
    MCP-->>GitHub: report results (logs/checks)

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Poem

🥕 A tiny shield wakes at dawn,
It scans the build ere day is gone,
A badge now hums upon the page,
Quiet watcher on the CI stage.
— CodeRabbit

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)

| Check name | Status | Explanation |
| --- | --- | --- |
| Description Check | ✅ Passed | Check skipped - CodeRabbit's high-level summary is enabled. |
| Title check | ✅ Passed | The PR title 'Add MCP Shield security scan' directly and accurately describes the main changes: adding a GitHub Actions workflow for MCP Shield security scanning and a security badge in the README. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |

✏️ Tip: You can configure your own custom pre-merge checks in the settings.


Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.


Comment @coderabbitai help to get the list of available commands and usage tips.

@coderabbitai coderabbitai Bot left a comment

Actionable comments posted: 3

🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/mcp-shield.yml:
- Around line 14-16: The workflow currently sets server: 'npx -y
`@kimsungwhee/apple-docs-mcp`', which scans the published npm package instead of
the current branch; change the server input to run the local checkout (for
example use the repo's start script or local npx invocation) so MCP Shield scans
the PR code — replace the server value with a command that starts the local
workspace (e.g. use 'server: npm run start' or 'server: npx -y .' instead of
'npx -y `@kimsungwhee/apple-docs-mcp`') so the action scans the branch under test.
- Line 14: Replace the mutable action ref "thuggeelya/mcp-shield-action@v1" with
an immutable commit SHA pin (e.g., "thuggeelya/mcp-shield-action@<commit-sha>");
locate the workflow step that uses the string thuggeelya/mcp-shield-action@v1
and update the uses entry to the exact commit SHA for that action to ensure
supply-chain immutability.

In `@README.md`:
- Line 5: The README contains a hardcoded MCP Shield badge ("MCP Shield" image
and link to https://github.com/thuggeelya/mcp-shield) that can drift from real
scan results; replace it with a workflow-backed badge that points to this
repository's GitHub Actions workflow run status for the scanner (use the
repository-specific workflow badge URL and link to the workflow run history),
and ensure the badge's alt text remains descriptive (e.g., "MCP Shield Scan") so
the badge reflects live scan results and links to this project's scan history
rather than the tool repo.

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 49ffeb8c-071b-423e-ac77-452294940c5c

📥 Commits

Reviewing files that changed from the base of the PR and between 60c2719 and 15fa72a.

📒 Files selected for processing (2)
  • .github/workflows/mcp-shield.yml
  • README.md
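The two workflow points in the review above (a mutable `@v1` action ref, and a `server:` input that runs the published npm package rather than the branch under test) can be checked mechanically before a PR merges. The following JavaScript is an added example, not code from the PR, the mcp-shield-action project or CodeRabbit: it scans workflow text line by line, flags `uses:` refs that are not a full 40-hex commit SHA (third-party owners at high severity, GitHub-owned `actions/*` at low), and flags a `server:` command that invokes `npx` against a registry package instead of the local checkout. The workflow text is constructed from the walkthrough and the review comments (the step layout and the `pnpm/action-setup@v3` line are assumptions), and the pinned SHA is the one the walkthrough names.

```javascript
// Added example; not code from the PR, the mcp-shield-action project, or CodeRabbit.
// A line-based check over a GitHub Actions workflow for the two supply-chain points
// raised in the review above: third-party actions referenced by a mutable tag or
// branch instead of a full commit SHA, and an MCP Shield `server:` input that starts
// the published npm package instead of the checked-out branch. The workflow text is
// constructed here from the walkthrough and review comments; it is not the PR's
// actual file, and the step layout is an assumption.

const SHA_RE = /^[0-9a-f]{40}$/;
const FIRST_PARTY = ['actions/', 'github/']; // GitHub-owned actions: lower severity

function classifyRef(ref) {
  if (SHA_RE.test(ref)) return 'sha';
  if (/^v?\d+(\.\d+)*$/.test(ref)) return 'tag';
  return 'branch-or-other';
}

// True when the command runs something fetched from the npm registry rather than
// the local checkout (`.`, `./...`, or a built file such as dist/index.js).
function startsPublishedPackage(cmd) {
  const tokens = cmd.trim().split(/\s+/);
  if (tokens[0] !== 'npx') return false;
  const target = tokens[tokens.length - 1];
  return !(target === '.' || target.startsWith('./'));
}

function checkWorkflow(yamlText) {
  const findings = [];
  yamlText.split('\n').forEach((line, i) => {
    const uses = line.match(/^\s*-?\s*uses:\s*([^\s#]+)/);
    if (uses) {
      const [action, ref] = uses[1].split('@');
      if (!ref || classifyRef(ref) !== 'sha') {
        const severity = FIRST_PARTY.some(p => action.startsWith(p)) ? 'low' : 'high';
        findings.push({ line: i + 1, rule: 'mutable-action-ref', severity,
          detail: `${uses[1]} (${ref ? classifyRef(ref) : 'no ref'})` });
      }
    }
    const server = line.match(/^\s*server:\s*(.+?)\s*$/);
    if (server) {
      const cmd = server[1].replace(/^['"]|['"]$/g, '');
      if (startsPublishedPackage(cmd)) {
        findings.push({ line: i + 1, rule: 'scans-published-package', severity: 'high',
          detail: `server: ${cmd}` });
      }
    }
  });
  return findings;
}

function highFindings(yamlText) {
  return checkWorkflow(yamlText).filter(f => f.severity === 'high');
}

// Constructed workflow; the scanner step is parameterised so the "before" and
// "after" variants described in the review can be compared.
function workflowText({ scannerRef, serverCmd }) {
  return [
    'name: MCP Shield',
    'on:',
    '  push:',
    '    branches: [main]',
    '  pull_request:',
    '    branches: [main]',
    'jobs:',
    '  scan:',
    '    runs-on: ubuntu-latest',
    '    steps:',
    '      - uses: actions/checkout@v4',
    '      - uses: pnpm/action-setup@v3',
    '        with:',
    '          version: 9',
    '      - uses: actions/setup-node@v4',
    '        with:',
    '          node-version: 20',
    '          cache: pnpm',
    '      - run: pnpm install --frozen-lockfile',
    '      - run: pnpm run build',
    `      - uses: thuggeelya/mcp-shield-action@${scannerRef}`,
    '        with:',
    `          server: '${serverCmd}'`,
  ].join('\n');
}

// "Before": floating tag, scanning the registry package rather than this branch.
const beforeWorkflow = workflowText({
  scannerRef: 'v1', serverCmd: 'npx -y @kimsungwhee/apple-docs-mcp' });
// "After": the commit SHA named in the walkthrough, running the freshly built checkout.
const afterWorkflow = workflowText({
  scannerRef: '644c14893e14c6b79aee14a5335ac3f9b12b08a4', serverCmd: 'node dist/index.js' });

for (const f of highFindings(beforeWorkflow)) console.log('before:', f);
for (const f of highFindings(afterWorkflow)) console.log('after: ', f);
```

Run stand-alone it prints three high findings for the "before" variant (the floating scanner tag, the pnpm action tag, and the registry-package server command) and one for the "after" variant: `pnpm/action-setup@v3` is still a mutable ref, a point the review did not raise, which is the kind of gap a check like this catches when only the step under discussion gets pinned.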


[![npm version](https://badge.fury.io/js/@kimsungwhee%2Fapple-docs-mcp.svg)](https://badge.fury.io/js/@kimsungwhee%2Fapple-docs-mcp)
[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
[![MCP Shield](https://img.shields.io/badge/MCP_Shield-B_(75)-yellowgreen)](https://github.com/thuggeelya/mcp-shield)
@coderabbitai coderabbitai Bot Mar 4, 2026

⚠️ Potential issue | 🟡 Minor

Use a workflow-backed badge instead of a hardcoded score.

This badge is static and will drift from real scan results; it also links to the tool repo instead of this project’s scan history.

Proposed fix
-[![MCP Shield](https://img.shields.io/badge/MCP_Shield-B_(75)-yellowgreen)](https://github.com/thuggeelya/mcp-shield)
+[![MCP Shield](https://github.com/kimsungwhee/apple-docs-mcp/actions/workflows/mcp-shield.yml/badge.svg)](https://github.com/kimsungwhee/apple-docs-mcp/actions/workflows/mcp-shield.yml)
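Review bot: the replacement badge.svg in the added line reports only the conclusion of the latest workflow run on the default branch, so it drops the grade and score that the removed line carries in its label (B (75)) and, because the workflow runs pnpm install --frozen-lockfile and pnpm run build before the scan step, it turns red for a failed install or build exactly as it does for a failed scan. If the numeric score is meant to be visible to readers, keep a score badge alongside the status badge rather than replacing one with the other, and make the alt text say which is which (e.g. "MCP Shield scan status").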

Author (thuggeelya)

@coderabbitai This is intentional. The hardcoded badge displays the score and grade (e.g. "B (75)") which a workflow status badge cannot show — it only indicates pass/fail. The link to the tool repo is also intentional for discoverability.

coderabbitai Bot

@thuggeelya, understood — that's a reasonable trade-off. A workflow status badge can only reflect pass/fail, whereas the hardcoded badge surfaces the actual grade and numeric score at a glance, and the link to the tool repo aids discoverability. I'll defer to your judgment here.

@coderabbitai coderabbitai Bot left a comment

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/mcp-shield.yml:
- Around line 14-18: The workflow currently uses actions/setup-node@v4 and runs
"npm ci" and "npm run build", but this repo uses pnpm; replace the Node setup
and install/build steps to mirror the ci.yml pattern: use "uses:
pnpm/action-setup@v3" (with the same node-version if needed), run "pnpm install
--frozen-lockfile" instead of "npm ci", and run "pnpm build" (or "pnpm run
build" if scripts convention is used) instead of "npm run build" so the job uses
pnpm lockfile and installer; update the steps replacing the symbols
actions/setup-node@v4, npm ci, and npm run build accordingly.

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: af0262bf-d5a5-456e-8ad8-9b889b2fa628

📥 Commits

Reviewing files that changed from the base of the PR and between 15fa72a and b723e6c.

📒 Files selected for processing (1)
  • .github/workflows/mcp-shield.yml
