diff --git a/.github/workflows/mcp-safety-scan.yml b/.github/workflows/mcp-safety-scan.yml
new file mode 100644
index 0000000000..e053822e30
--- /dev/null
+++ b/.github/workflows/mcp-safety-scan.yml
@@ -0,0 +1,36 @@
+name: MCP Safety Scan
+
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - "src/**"
+      - ".github/workflows/mcp-safety-scan.yml"
+      - ".mcp-safety-baseline.json"
+  pull_request:
+    paths:
+      - "src/**"
+      - ".github/workflows/mcp-safety-scan.yml"
+      - ".mcp-safety-baseline.json"
+
+permissions:
+  contents: read
+
+jobs:
+  scan:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: actions/setup-node@v4
+        with:
+          node-version: 20
+
+      # Pin the action version for supply-chain safety.
+      - uses: TheodorNEngoy/mcp-safety-scanner@5e09227cf63d559ec211ad3d99dfd3272c5a31c3 # v0.4.9
+        with:
+          path: src
+          baseline: .mcp-safety-baseline.json
+          fail-on: high
+          format: github
diff --git a/.mcp-safety-baseline.json b/.mcp-safety-baseline.json
new file mode 100644
index 0000000000..9fe3cd523a
--- /dev/null
+++ b/.mcp-safety-baseline.json
@@ -0,0 +1,53 @@
+{
+  "version": 2,
+  "tool": "mcp-safety-scanner",
+  "generatedAt": "2026-02-08T18:53:00.598Z",
+  "fingerprints": [
+    "1080301ccc119b431825933246b66e42e8bb0e6aa4a286a27f6bf38639054e48",
+    "92abe3840e2e6c28655320eb095aefaaa3c766c73c9bb2e2a68b0255a3a8fcb6",
+    "b9bbbaf2acab0552d78b2e857daeb99e6d3f3ca0abfa1710540e97bb1998db97",
+    "e7805b7df03dde0ac35d234b54585a60d470e869e45d59b87f6d941757fc20a6"
+  ],
+  "entries": [
+    {
+      "fingerprint": "1080301ccc119b431825933246b66e42e8bb0e6aa4a286a27f6bf38639054e48",
+      "ruleId": "file-delete-apis",
+      "severity": "medium",
+      "file": "filesystem/lib.ts",
+      "excerpt": "await fs.unlink(tempPath);",
+      "context": "",
+      "line": 154,
+      "column": 20
+    },
+    {
+      "fingerprint": "92abe3840e2e6c28655320eb095aefaaa3c766c73c9bb2e2a68b0255a3a8fcb6",
+      "ruleId": "file-delete-apis",
+      "severity": "medium",
+      "file": "filesystem/lib.ts",
+      "excerpt": "await fs.unlink(tempPath);",
+      "context": "",
+      "line": 252,
+      "column": 18
+    },
+    {
+      "fingerprint": "b9bbbaf2acab0552d78b2e857daeb99e6d3f3ca0abfa1710540e97bb1998db97",
+      "ruleId": "cors-wildcard-origin",
+      "severity": "high",
+      "file": "everything/transports/streamableHttp.ts",
+      "excerpt": "cors({",
+      "context": "cors({ origin: \"*\", // use \"*\" with caution in production methods: \"GET,POST,DELETE\", preflightContinue: false, optionsSuccessStatus: 204, exposedHeaders: [\"mcp-session-id\", \"last-event-id\", \"mcp-protocol-version\"], }) );",
+      "line": 44,
+      "column": 3
+    },
+    {
+      "fingerprint": "e7805b7df03dde0ac35d234b54585a60d470e869e45d59b87f6d941757fc20a6",
+      "ruleId": "cors-wildcard-origin",
+      "severity": "high",
+      "file": "everything/transports/sse.ts",
+      "excerpt": "cors({",
+      "context": "cors({ origin: \"*\", // use \"*\" with caution in production methods: \"GET,POST\", preflightContinue: false, optionsSuccessStatus: 204, }) ); const transports: Map<string, SSEServerTransport> = new Map<",
+      "line": 11,
+      "column": 3
+    }
+  ]
+}