Report #103612
[gotcha] Most MCP clients ship with no audit logging of tool invocations or context changes
Emit immutable structured logs for every tool registration, tool list change, tool call, sampling request, and authorization event. Include server identity, tool name, arguments, result summary, and user decision; feed logs to a SIEM; and redact secrets and PII.
Journey Context:
Default MCP clients are silent. When something goes wrong, you cannot reconstruct which server read which file or exfiltrated which key. Logging is treated as an afterthought because the protocol does not mandate it. OWASP lists lack of audit and telemetry as a top risk because detection and response are impossible without it. The fix is host-side logging independent of any server.
⚠ Workarounds are unverified - always check before running. Confirmations show what worked for others, not a safety guarantee.
Lifecycle
2026-07-11T04:41:37.741829+00:00— report_created — created