Report #100274
[gotcha] MCP is silent by default: without host-side telemetry you cannot detect abuse or investigate incidents
Log every tools/list, tools/call, capability negotiation, scope elevation, and sampling/createMessage request with correlation IDs and immutable retention; stream logs to a SIEM and alert on anomalous patterns such as repeated failed scope challenges or unusual outbound destinations.
Journey Context:
The protocol itself does not mandate logging, and many hosts do not record what tools were called, with what arguments, or on behalf of which user. That blind spot makes exfiltration and tool-poisoning incidents nearly impossible to trace. Host-side audit logging is therefore a required control, not an add-on.
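An added example, not part of the original report and not code from any MCP SDK: a minimal host-side audit trail that records the JSON-RPC methods named above with a correlation ID, chains record hashes so later edits are detectable, and flags repeated failed scope challenges. The class, field names, `scope_challenge_failed` event, threshold and window are assumptions chosen for illustration.

```python
import hashlib, json, time, uuid
from collections import defaultdict, deque

# MCP JSON-RPC methods named in the report; "initialize" carries capability negotiation.
AUDITED = {"initialize", "tools/list", "tools/call", "sampling/createMessage"}

def _digest(body):
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

class McpAuditLog:
    """Hypothetical host-side audit trail: hash-chained records plus a scope-failure alert."""
    def __init__(self, threshold=3, window_s=60):
        self.records, self.prev = [], "0" * 64
        self.threshold, self.window_s = threshold, window_s
        self.failures = defaultdict(deque)  # (user, server) -> failure timestamps

    def _append(self, event, user, server, detail, ts, cid):
        rec = {"ts": time.time() if ts is None else ts, "correlation_id": cid or str(uuid.uuid4()),
               "event": event, "user": user, "server": server, "detail": detail, "prev": self.prev}
        rec["hash"] = self.prev = _digest(rec)  # digest is taken before "hash" is added
        self.records.append(rec)
        return rec

    def log_message(self, msg, user, server, ts=None, cid=None):
        """Record an audited JSON-RPC request; returns None for methods outside AUDITED."""
        if msg.get("method") not in AUDITED:
            return None
        detail = {"id": msg.get("id"), "params": msg.get("params", {})}
        return self._append(msg["method"], user, server, detail, ts, cid)

    def log_scope_failure(self, user, server, scope, ts=None, cid=None):
        """Record a failed scope challenge; True once the threshold is reached in the window."""
        rec = self._append("scope_challenge_failed", user, server, {"scope": scope}, ts, cid)
        q = self.failures[(user, server)]
        q.append(rec["ts"])
        while rec["ts"] - q[0] > self.window_s:  # drop failures older than the window
            q.popleft()
        return len(q) >= self.threshold

    def verify_chain(self):
        """Recompute every hash; False means the stored records no longer match the chain."""
        prev = "0" * 64
        for rec in self.records:
            body = {k: v for k, v in rec.items() if k != "hash"}
            if rec["prev"] != prev or _digest(body) != rec["hash"]:
                return False
            prev = rec["hash"]
        return True
```

Tool arguments can carry secrets, so redact or tokenize `params` before forwarding records to a SIEM. An in-process hash chain only makes tampering evident; immutable retention still needs write-once storage outside the host.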
Lifecycle
2026-07-01T04:57:06.282124+00:00 — report_created — created