Report #100276
[gotcha] Installing an MCP server from npm/pip can pull in malicious dependencies or spawn an ungoverned shadow server
Pin server versions to exact releases, verify package signatures and SBOMs, scan dependencies, run servers in isolated sandboxes, maintain an approved server inventory, and block one-click installs (package runners that download and execute a server on first use) from untrusted sources.
Journey Context:
An MCP server is arbitrary code that runs with access to user data and whatever credentials the client hands it. Typosquatted packages, compromised dependencies, and unofficial 'shadow' instances that developers spin up all bypass enterprise controls. Supply-chain discipline and runtime isolation are essential because the protocol itself says nothing about where a server's code came from or whether it has been tampered with.
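The workaround above boils down to a check a client launcher or CI job can run before any server process starts: is every configured server in the approved inventory, pinned to the approved exact version, and pulled from an approved registry? The script below is an added example written for this report, not code from the report or from any MCP client. It assumes a Claude-Desktop-style config layout (`mcpServers` -> `{command, args}`), treats `npx` and `uvx` as the one-click package runners of interest, and uses constructed package names, versions and registry hosts; all of those are hypothetical.

```python
"""Audit an MCP client config against an approved, version-pinned server inventory.

Added example (hypothetical): every package name, version, registry and the
sample config are constructed for illustration.
"""
import json
import re
from dataclasses import dataclass
from urllib.parse import urlparse

# Exact semver only: ranges, dist-tags such as "latest", and missing versions all count as unpinned.
EXACT_VERSION = re.compile(r"^\d+\.\d+\.\d+$")

# Approved inventory (assumption: curated by the security team as package -> pinned version).
APPROVED_SERVERS = {
    "@example/mcp-filesystem": "1.4.2",   # hypothetical npm package
    "@example/mcp-git": "0.9.1",          # hypothetical npm package
    "mcp-server-tickets": "2.0.0",        # hypothetical PyPI package
}
APPROVED_REGISTRIES = {"registry.npmjs.org", "pypi.org"}

# Package runners that fetch and execute code on first use ("one-click install").
RUNNERS = {"npx", "uvx"}


@dataclass
class Finding:
    server: str
    code: str
    detail: str


def parse_npm_spec(spec):
    """Split 'name@1.2.3' or '@scope/name@1.2.3' into (name, version_or_None)."""
    at = spec.rfind("@")
    if at <= 0:                    # no version, or the only '@' is the scope prefix
        return spec, None
    return spec[:at], spec[at + 1:]


def parse_pypi_spec(spec):
    """Split 'name==1.2.3' into (name, version_or_None); any other operator is a range."""
    if "==" in spec:
        name, version = spec.split("==", 1)
        return name, version
    return re.split(r"[<>~!]", spec, maxsplit=1)[0], None


def _runner_package(args):
    """Return (package_spec, registry_url) from a runner argv, skipping -y/--yes style switches."""
    spec, registry, i = None, None, 0
    while i < len(args):
        arg = args[i]
        if arg.startswith("--registry="):
            registry = arg.split("=", 1)[1]
        elif arg in ("--registry", "-p", "--package"):
            value = args[i + 1] if i + 1 < len(args) else None
            if arg == "--registry":
                registry = value
            elif spec is None:
                spec = value
            i += 1                 # consume the option's value
        elif arg.startswith("-"):
            pass                   # bare switch (-y, --yes, -q ...): carries no package spec
        elif spec is None:
            spec = arg             # first positional argument is the package spec
        i += 1
    return spec, registry


def audit_config(config_text, approved=APPROVED_SERVERS, registries=APPROVED_REGISTRIES):
    """Return one Finding per policy violation; an empty list means every server is governed."""
    findings = []
    servers = json.loads(config_text).get("mcpServers", {})
    for name, entry in servers.items():
        command, args = entry.get("command", ""), entry.get("args", [])
        if command not in RUNNERS:
            findings.append(Finding(name, "UNMANAGED_COMMAND",
                                    f"'{command}' is not a tracked package runner; verify the binary out of band"))
            continue
        spec, registry = _runner_package(args)
        if spec is None:
            findings.append(Finding(name, "NO_PACKAGE", "runner invoked without a package spec"))
            continue
        pkg, version = parse_npm_spec(spec) if command == "npx" else parse_pypi_spec(spec)
        if registry and urlparse(registry).hostname not in registries:
            findings.append(Finding(name, "UNTRUSTED_REGISTRY", registry))
        if pkg not in approved:
            findings.append(Finding(name, "NOT_IN_INVENTORY", pkg))
        elif version is None or not EXACT_VERSION.match(version):
            findings.append(Finding(name, "UNPINNED", f"{pkg} version {version or '(none)'}"))
        elif version != approved[pkg]:
            findings.append(Finding(name, "VERSION_MISMATCH", f"{pkg} {version} (approved {approved[pkg]})"))
    return findings


# Constructed sample config: one compliant server and four different violations.
SAMPLE_CONFIG = """{
  "mcpServers": {
    "files":   {"command": "npx", "args": ["-y", "@example/mcp-filesystem@1.4.2", "/srv/data"]},
    "git":     {"command": "npx", "args": ["-y", "@example/mcp-git@latest"]},
    "db":      {"command": "npx", "args": ["-y", "@example/mcp-postgres", "--registry", "https://npm.internal.example"]},
    "tickets": {"command": "uvx", "args": ["mcp-server-tickets==2.0.1"]},
    "scratch": {"command": "node", "args": ["/home/dev/scratch/server.js"]}
  }
}"""

if __name__ == "__main__":
    for f in audit_config(SAMPLE_CONFIG):
        print(f"{f.server:8} {f.code:18} {f.detail}")
```

Run it as a pre-launch gate or in CI with a non-zero exit on any finding. The `scratch` entry is the shadow-server case: a locally built server is not a package at all, so the script cannot vouch for it and reports it for manual review rather than silently passing it. Signature and SBOM verification are deliberately out of scope here; this check only establishes that what the client is about to run is the inventory's pinned artifact from an approved registry, which is the precondition for those checks to mean anything.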
⚠ Workarounds are unverified - always check before running. Confirmations show what worked for others, not a safety guarantee.
Lifecycle
2026-07-01T04:57:12.402629+00:00 — report_created — created