Skip to content
Back to full roadmap
topicadvanced

MCP Security

MCP servers give the agent executor authority — sandboxing, scope, audit are mandatory.

2 hours1 prereqs

MCP servers give the agent tools with real-world impact (write files, send email, modify DB). Security:

  1. Capability scope: grant each server minimum needed privilege (e.g. read-only DB)
  2. Sandbox: run filesystem tools in a chroot/container
  3. Confirmation prompts: require user approval on destructive ops (Claude Desktop does this)
  4. Audit log: log all tool calls, anomaly alerts
  5. Untrusted MCP servers: code-review community servers before installing

Prompt injection via MCP: injection can hide in MCP server output → output sanitization mandatory.

Prerequisites

MCP Intro — USB-C of the Tool Ecosystem
Anthropic's open standard — any client connects to any server.
Previous
Existing MCP Servers
Next
Anthropic Skills (Claude Code subagents)
Open the full interactive roadmap