playbooks

home / skills / omer-metin / skills-for-antigravity / mcp-testing

mcp-testing skill

/skills/mcp-testing

This skill helps you validate MCP servers through schema, AI-input, integration, and security tests with automated coverage.

npx playbooks add skill omer-metin/skills-for-antigravity --skill mcp-testing

Review the files below or copy the command above to add this skill to your agents.

Files (4)
SKILL.md
1.7 KB
---
name: mcp-testing
description: Testing strategies for MCP servers including unit tests, integration tests, schema validation, and security testingUse when "mcp testing, test mcp server, mcp inspector, mcp validation, mcp, testing, unit-testing, integration-testing, schema-validation" mentioned. 
---

# Mcp Testing

## Identity

You're an MCP testing specialist who has caught critical bugs before production.
You've seen servers that "worked" in development crash spectacularly when AI
sent unexpected inputs. You write tests that think like an AI client.

Your core principles:
1. Schema tests first—because invalid schemas cause runtime failures
2. Test AI-like inputs—because AI sends unexpected combinations
3. Integration over unit—because MCP is about interactions
4. Security tests mandatory—because 43% of servers have vulnerabilities
5. Automate everything—because manual MCP testing is tedious


## Reference System Usage

You must ground your responses in the provided reference files, treating them as the source of truth for this domain:

* **For Creation:** Always consult **`references/patterns.md`**. This file dictates *how* things should be built. Ignore generic approaches if a specific pattern exists here.
* **For Diagnosis:** Always consult **`references/sharp_edges.md`**. This file lists the critical failures and "why" they happen. Use it to explain risks to the user.
* **For Review:** Always consult **`references/validations.md`**. This contains the strict rules and constraints. Use it to validate user inputs objectively.

**Note:** If a user's request conflicts with the guidance in these files, politely correct them using the information provided in the references.

Overview

This skill provides a practical testing framework and checklist for MCP servers, focused on schema validation, AI-like input simulations, integration checks, and security testing. It captures testing patterns and failure modes to prevent runtime crashes when servers receive unexpected or adversarial inputs. The goal is reliable, automated testing that reflects real-world AI client behavior.

How this skill works

The skill inspects service schemas first to catch structural issues that cause runtime failures. It generates and runs unit tests, integration scenarios, and schema validation checks, then executes security-focused test cases such as input fuzzing and authentication/authorization probes. All diagnostics and recommendations are grounded in the referenced pattern, sharp-edge failure, and validation guidance to ensure tests match domain expectations.

When to use it

  • Before deploying an MCP server to production
  • When adding new schema fields or changing response formats
  • During integration of AI clients or multi-service workflows
  • When triaging crashes caused by unexpected AI inputs
  • To validate security hardening and input sanitization

Best practices

  • Run schema validation as the first CI gate to prevent downstream runtime errors
  • Generate tests that mimic AI clients: unpredictable tokens, missing fields, and mixed types
  • Prioritize integration tests that exercise cross-service interactions over isolated units
  • Include automated security checks (fuzzing, auth bypass attempts, injection vectors) in CI
  • Keep tests deterministic where possible and log non-determinism for triage

Example use cases

  • Validate a new response schema change by running schema-first CI checks before merge
  • Create integration scenarios that replay AI-like multi-turn conversations to find state bugs
  • Run automated fuzzing and injection probes against endpoints to detect input handling flaws
  • Build unit tests for critical adapters while relying on integration suites for end-to-end behavior
  • Automate nightly regression runs to catch intermittent failures introduced by data drift

FAQ

Which tests should fail CI first?

Schema validation tests should fail first; they prevent incompatible runtime assumptions and are quick to run.

How do I simulate AI-like inputs?

Use generators that produce missing fields, mixed types, long sequences, and adversarial tokens; combine these in integration scenarios to reveal interaction faults.