Problem: README describes goals but lacks a hands-on quickstart for security teams/developers.
• Proposal:
1. Add “Quickstart” with steps: pick relevant tactics→map to your MCP tools→apply mitigations→run checks.
2. Add “Glossary” (Host, Server, Tool, OAuth AS, PoP/DPoP, scope, audience, context window, autonomous loop guard).
3. Link items to specific techniques (e.g., SAFE-T1102 Prompt Injection → mitigations X/Y/Z).
• Why: Improves adoption and standardizes terminology.
• Willing to submit PR.
References: Link to MITRE ATT&CK glossary as an example of terminology standardization.