How does this skill improve MCP server security?

It provides specific patterns for prompt injection defense, zero-trust allowlisting, hash verification for tools, and secure OAuth 2.1 implementation.

Which programming languages are prioritized in these patterns?

The patterns focus primarily on TypeScript and Python, as these have the most robust SDK support for the Model Context Protocol.

Does this skill help with server scaffolding?

While it provides the patterns, it is designed to work alongside the official mcp-builder skill; use mcp-builder for setup and this skill for advanced features and hardening.

What version of the MCP specification does this skill support?

This skill is based on the 2025-11-25 specification, which is the latest stable release maintained by the Agentic AI Foundation.

Can I use this for building interactive UIs in Claude?

Yes, it includes patterns for the MCP Apps standard and @mcp-ui/* SDKs to create interactive interfaces within supported AI clients.

MCP Server Design Patterns

Name: MCP Server Design Patterns
Author: yonatangross

byyonatangross

•

116

•

API開発

Implements advanced Model Context Protocol (MCP) patterns for server building, authentication, and security hardening.

This skill provides a comprehensive framework for developing production-ready Model Context Protocol (MCP) servers based on the latest 2025 specifications. It guides developers through complex architectural tasks such as implementing OAuth 2.1 with PKCE, managing server lifecycles with FastMCP, and securing integrations against prompt injection and 'rug pull' attacks. By providing a structured decision tree and standardized patterns for tool composition, resource caching, and interactive UIs, this skill ensures that your AI tools are scalable, secure, and fully compliant with the standards maintained by the Agentic AI Foundation.

主な機能

01Interactive UI integration using MCP Apps and @mcp-ui/ SDKs

02Security hardening against prompt injection and malicious tool updates

03Standardized patterns for tool composition, parallel execution, and branching

04Advanced OAuth 2.1 and OIDC authentication patterns with PKCE

05Implementation guides for server-side sampling and user elicitation

06116 GitHub stars

ユースケース

01Creating complex agentic workflows using server-initiated input requests

02Hardening existing AI tool integrations against security vulnerabilities

03Building secure, enterprise-grade MCP servers with robust authentication

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add yonatangross/orchestkit mcp-patterns

For use in Claude.ai and ChatGPT

Download Skill