mcp-audit
The mcp-audit skill analyzes connected Model Context Protocol servers to identify token overhead, tool redundancy, and security concerns. Use it when sessions feel sluggish, before adding new MCP servers, or when context window fills quickly, as each server adds its complete tool descriptions to every API request regardless of actual usage.
git clone --depth 1 https://github.com/rohitg00/pro-workflow /tmp/mcp-audit && cp -r /tmp/mcp-audit/skills/mcp-audit ~/.claude/skills/mcp-auditSKILL.md
# MCP Audit
Analyze MCP server overhead and recommend cleanup.
## Trigger
Use when:
- Sessions feel slow or expensive
- Adding a new MCP server
- Context fills up quickly
- Reviewing project configuration
## Key Insight
Each MCP server adds ALL its tool descriptions to every API request. A server with 20 tools adds ~2K-4K tokens per request, regardless of whether you use those tools.
## Audit Steps
### Step 1: List Active Servers
Check all MCP configurations:
```bash
cat .claude/settings.json 2>/dev/null | grep -A 50 "mcpServers"
cat ~/.claude/settings.json 2>/dev/null | grep -A 50 "mcpServers"
```
### Step 2: Count Tools Per Server
For each server, estimate token overhead:
- 1-5 tools: ~200-500 tokens (low overhead)
- 6-15 tools: ~500-1500 tokens (moderate)
- 16-30 tools: ~1500-3000 tokens (high)
- 30+ tools: ~3000+ tokens (excessive — consider tool filtering)
### Step 3: Check Usage
Questions to ask:
- Which servers were actually used this session?
- Which servers haven't been used in 7+ days?
- Are there servers with overlapping functionality?
- Are there servers only needed for specific tasks?
### Step 4: Recommend Actions
**Disable** servers that:
- Haven't been used in 7+ days
- Overlap with another active server
- Are project-specific but you're in a different project
**Keep** servers that:
- Are used every session (filesystem, git)
- Provide unique capabilities needed for current work
- Have low tool count (<5 tools)
## Output
```text
MCP AUDIT
Active servers: [N]
Total tools: [N]
Estimated overhead: ~[N]K tokens per request
Server Analysis:
[name] — [N] tools, ~[N] tokens
Status: KEEP / DISABLE / REVIEW
Reason: [why]
Recommendations:
Disable: [list]
Keep: [list]
Review: [list]
Projected savings: ~[N]K tokens per request (~$X.XX per session)
```
## Thresholds
- Total servers: <10 (ideal), 10-15 (monitor), >15 (reduce)
- Total tools: <80 (ideal), 80-120 (monitor), >120 (reduce)
- Per-server: <15 tools (ok), 15-30 (filter), >30 (split or disable)
## Rules
- Never disable servers without user confirmation
- Estimate token savings for each recommendation
- Consider task context — a server might be unused today but critical tomorrow
- Check for `disabledMcpjsonServers` to avoid re-recommending already-disabled serversAnalyzes and optimizes context window usage across sessions. Use when context feels bloated, sessions run slow, or approaching compaction limits.
Analyze session token usage and cost patterns. Identify expensive operations and recommend optimizations. Use to understand and reduce session costs.
Specialized debugging agent. Use when facing hard bugs, test failures, or runtime errors that need systematic investigation.
Multi-phase development agent. Research > Plan > Implement with validation gates. Use PROACTIVELY when building features that touch >5 files or require architecture decisions.
Analyze permission denial patterns and generate optimized alwaysAllow/alwaysDeny rules. Use when permission prompts slow down workflow.
Break down complex tasks into implementation plans before writing code. Use when task touches >5 files, requires architecture decisions, or has unclear requirements.
Code review specialist that verifies every finding against actual code before reporting. Use before committing, for PR reviews, or after major changes.
Confidence-gated exploration that assesses readiness before implementation. Scores 0-100 across five dimensions and gives GO/HOLD verdict.