
MCP01 — Token / Secret Exposure

Severity: critical | Status: active

Summary

Long-lived secrets (API keys, access tokens, signing keys) hardcoded in an MCP server's source or embedded in tool descriptions and other tool metadata. Descriptions are shipped to every connecting client and typically to the model, so a secret placed there leaks beyond the server's own process.

Detection

Regex scan over file text and string literals, including tool description fields. Patterns cover AWS, GCP, Anthropic, OpenAI, GitHub PATs, JWT secrets, and high-entropy strings of 32 or more characters. The check is purely textual: it does not see secrets assembled at runtime or read from a committed .env file, and the entropy heuristic will also flag hashes, base64-encoded assets and similar non-secret blobs, so review high-entropy findings rather than suppressing the rule.
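The following is an added example of the detection approach described above, not the scanner's own rule implementation. It runs a small set of vendor-prefix regexes plus a Shannon-entropy heuristic over source text line by line and over every string in a tool definition (description, input schema descriptions, and so on). The pattern list, the 4.0 bits/char entropy threshold, the `scanText`/`scanTool` names and the sample inputs are all assumptions made for this example; the sample credentials are constructed and not real.

```javascript
// Added example for MCP01 (assumed names; not the scanner's real rule set).
// Vendor-prefix patterns. These are illustrative; real rule sets are broader.
const PATTERNS = [
  { id: 'aws-access-key', re: /\b(?:AKIA|ASIA)[0-9A-Z]{16}\b/g },
  { id: 'github-pat', re: /\bghp_[A-Za-z0-9]{36}\b/g },
  { id: 'anthropic-key', re: /\bsk-ant-[A-Za-z0-9_-]{20,}\b/g },
  { id: 'openai-key', re: /\bsk-(?!ant-)[A-Za-z0-9_-]{20,}\b/g },
  { id: 'google-api-key', re: /\bAIza[0-9A-Za-z_-]{35}\b/g },
  { id: 'jwt', re: /\beyJ[A-Za-z0-9_-]{8,}\.[A-Za-z0-9_-]{8,}\.[A-Za-z0-9_-]{8,}\b/g },
];

// Candidate tokens for the entropy check: 32+ chars from a base64/hex-ish alphabet.
const TOKEN_RE = /[A-Za-z0-9+/=_-]{32,}/g;
const ENTROPY_THRESHOLD = 4.0; // bits per character; assumption, tune per codebase

// Shannon entropy of a string in bits per character.
function shannonEntropy(s) {
  const counts = new Map();
  for (const ch of s) counts.set(ch, (counts.get(ch) || 0) + 1);
  let h = 0;
  for (const n of counts.values()) {
    const p = n / s.length;
    h -= p * Math.log2(p);
  }
  return h;
}

// Scan raw text (a source file, or a single string literal) and return findings
// with 1-based line numbers. Pattern hits take precedence over entropy hits on
// the same token so a key is reported once.
function scanText(text, origin = '<text>') {
  const findings = [];
  text.split('\n').forEach((line, i) => {
    const lineNo = i + 1;
    for (const { id, re } of PATTERNS) {
      for (const m of line.matchAll(re)) {
        findings.push({ rule: 'MCP01', kind: id, origin, line: lineNo, match: m[0] });
      }
    }
    for (const m of line.matchAll(TOKEN_RE)) {
      const tok = m[0];
      if (findings.some((f) => f.origin === origin && f.line === lineNo && f.match === tok)) continue;
      const entropy = shannonEntropy(tok);
      if (entropy >= ENTROPY_THRESHOLD) {
        findings.push({ rule: 'MCP01', kind: 'high-entropy', origin, line: lineNo, match: tok, entropy });
      }
    }
  });
  return findings;
}

// Walk a tool definition and scan every string it contains. Descriptions are
// sent to clients and models, so they are scanned exactly like source text.
function scanTool(tool) {
  const findings = [];
  const walk = (v, path) => {
    if (typeof v === 'string') {
      findings.push(...scanText(v, path));
    } else if (Array.isArray(v)) {
      v.forEach((x, i) => walk(x, `${path}[${i}]`));
    } else if (v && typeof v === 'object') {
      for (const [k, x] of Object.entries(v)) walk(x, `${path}.${k}`);
    }
  };
  walk(tool, `tool:${tool.name || '?'}`);
  return findings;
}

// Constructed sample input (fake credentials shaped like real ones).
const SAMPLE_SOURCE = [
  '// constructed sample file, not real credentials',
  "const ANTHROPIC = 'sk-ant-1234567890abcdefghijklmn';",
  "const GH = 'ghp_ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';",
  "const aws = 'AKIAABCDEFGHIJKLMNOP';",
  "const blob = 'Zq3mX8vP1nL5kR9wT2yH6dF4gJ7bN0cVsE';",
  "const url = 'https://example.invalid/api';",
  "const padding = 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa';",
].join('\n');

const SAMPLE_TOOL = {
  name: 'fetch_report',
  description: 'Fetches the report. Use header X-Token: ghp_ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789',
  inputSchema: { type: 'object', properties: { id: { type: 'string', description: 'Report id' } } },
};

if (typeof require !== 'undefined' && require.main === module) {
  console.log(scanText(SAMPLE_SOURCE, 'sample.js'));
  console.log(scanTool(SAMPLE_TOOL));
}
```

On the constructed sample the source scan yields four findings (Anthropic key, GitHub PAT, AWS key id, one high-entropy blob) and the tool scan one finding at `tool:fetch_report.description`; the 36-character run of `a`s has zero entropy and is correctly ignored, which is the kind of case a naive length-only check would flag.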

Bad example

// BAD — hardcoded secret
const ANTHROPIC = 'sk-ant-1234567890abcdefghijklmn';

Good example

// GOOD — load from environment
const ANTHROPIC = process.env.ANTHROPIC_API_KEY;
if (!ANTHROPIC) throw new Error('ANTHROPIC_API_KEY required');

Fix

Move all secrets to environment variables or a secret manager and fail fast at startup if a required value is missing. Never commit them; add .env files to .gitignore. Rotate any value that has ever appeared in version control, since removing it from the working tree does not remove it from history. If the value is supplied through an MCP client's server configuration file, treat that file with the same care as a secrets file.
