Report #103943
[gotcha] Unapproved or rogue MCP servers run outside security governance
Operate a private, vetted MCP registry; block direct installation from public PyPI/npm/MCP catalogs; require code review, SBOM, and secrets scanning before admission.
Journey Context:
Developers often spin up MCP servers locally for experimentation with default credentials and permissive configs, creating shadow infrastructure. Because an MCP server executes arbitrary code and can poison the agent's context, an ungoverned server is a critical trust-boundary violation. A private registry with mandatory vetting shifts the burden from end users to security teams; relying on users to review server code does not scale and consistently fails.
⚠ Workarounds are unverified - always check before running. Confirmations show what worked for others, not a safety guarantee.
Lifecycle
2026-07-13T04:58:02.878849+00:00— report_created — created