downscoping-mcp

A security-focused tool that implements least-privilege credential injection for Claude Code by intercepting Bash and MCP tool calls to swap in minimum-privilege tokens. It enables secure execution of CLI commands and MCP operations by matching tool arguments against declarative YAML policies to prevent unauthorized access.

→ kbroughton/downscoping-mcp · listed on glama

Install from

Glama

M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.

// key findings

✅

No credential exfiltration, no sensitive file access, no obfuscation

Static analysis found nothing flowing your secrets to unexpected places.

// full audit trail

The full breakdown of what we checked, the deductions that landed, the network hosts, the dependency advisories, and concrete fix guidance is available to verified publishers.

// improvement guidance — verified publishers only

We have 2 concrete improvements we can share with the publisher of this MCP. Each comes with specific guidance to raise the trust score.

// embed badge in your README

[![M8ven Score](https://m8ven.ai/badge/mcp/kbroughton-downscoping-mcp-l58kyx)](https://m8ven.ai/mcp/kbroughton-downscoping-mcp-l58kyx)

commit: 78a7c2aad7f4a09d21987eb94a245f8885a4ca78

code hash: e923c7baf3b9aa55e6944d3dee0b58b74dd8aa095bd266262560bbeb0144c9d4

verified: 4/11/2026, 2:28:06 PM

view raw JSON →