Feedback request: MCP safety audit taxonomy for agent workspaces #1416
godhiraj-code
started this conversation in
Ideas
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Hi MCP Registry maintainers, I am validating a local first safety audit format for agent workspaces that use MCP servers.
I am not opening this as a bug report. I am looking for taxonomy feedback from people working near MCP discovery, metadata, and server capability surfaces.
The report maps risks like exposed server/tool surfaces, write/delete/admin capabilities, broad filesystem reach, secrets in reachable directories, missing approval gates, and incident postmortem readiness.
Question:
a) What MCP-specific risk category would you expect this kind of report to catch that normal secret scanners miss?
b) Should server metadata include clearer capability/blast-radius signals for write/delete/admin tools?
c) Would this report format be useful before teams scale MCP usage across agent clients?
If this is not the right discussion area, happy to move it to the right place.
Many Thanks
Best Regards
Dhiraj
Beta Was this translation helpful? Give feedback.
All reactions