1. MCP Security Audit Gap: 'Initialize' Handshake Response Silently Discarded, Missing Critical Server Capability Analysis
A critical security analysis gap has been identified in the verification process for Model Context Protocol (MCP) servers. The current code in `src/active/verify-mcp.ts` discards the entire `initialize` handshake response—the single richest source of information about a server's attack surface—after only checking if th...