Why it matters

MCP servers are new attack surface. Understanding shapes MCP deployment.

Advertisement

The architecture

Sandbox MCP server processes.

Explicit tool allowlist.

Audit all invocations.

Verify server source.

MCP supply chainSandbox processcontainer / gVisorTool allowlistexplicit approvalAudit + verifytrusted sourcesMCP transports (stdio, SSE, HTTP) each have different attack surface
MCP supply chain.
Advertisement

How it works end to end

Sandbox: container per MCP server.

Allowlist tools explicitly.

Registry of vetted servers.

Audit logs.