Does it support user identity management across agents?

Yes, it includes patterns for User Context Propagation, which ensures that user identity, roles, and permissions are securely maintained across all stages of a multi-agent pipeline.

How does this skill prevent prompt injection?

The skill provides specific implementation patterns for sanitizing user inputs and validating prompts against schemas to block malicious injection attempts before they reach the model.

Is this skill compatible with standard MCP servers?

Absolutely. It is specifically designed to be used when building or auditing Model Context Protocol (MCP) servers to ensure they meet enterprise security standards.

What is the 5-layer defense architecture in this skill?

It is a comprehensive security framework covering input validation, prompt injection prevention, SQL/NoSQL validation, context propagation, and authorization (RBAC/ABAC).

MCP Security Architect

Name: MCP Security Architect
Author: jpoutrin

byjpoutrin

•

Security & Testing

Implements a robust 5-layer defense architecture to secure multi-agent systems and MCP pipelines against prompt injection and unauthorized access.

The MCP Security skill is designed to fortify Model Context Protocol (MCP) servers and complex multi-agent workflows using a comprehensive five-layer defense strategy. It automates the implementation of critical security patterns, including input sanitization, prompt injection detection, and cross-pipeline user context propagation. By enforcing Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC), this skill ensures that AI-driven applications remain resilient against common vulnerabilities while maintaining strict data governance across every stage of the execution pipeline.

Key Features

015-Layer Defense Architecture implementation

02Strict input sanitization and schema validation

03Prompt injection detection and prevention

04Multi-agent user context propagation

052 GitHub stars

06RBAC and ABAC authorization patterns

Use Cases

01Securing multi-agent pipelines that process untrusted user input

02Building production-ready MCP servers with built-in security protocols

03Enforcing identity and access management (IAM) across distributed AI workflows

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add jpoutrin/product-forge mcp-security

For use in Claude.ai and ChatGPT

Download Skill