11---
22title : MCP Toolkit
3- description : Use the MCP Tookit to set up MCP servers and MCP clients.
3+ description : Use the MCP Toolkit to set up MCP servers and MCP clients.
44keywords : Docker MCP Toolkit, MCP server, MCP client, AI agents
55aliases :
66 - /desktop/features/gordon/mcp/gordon-mcp-server/
@@ -28,7 +28,8 @@ surfaces and ensure safe runtime behavior.
2828
2929### Passive security
3030
31- - Image signing and attestation: All MCP server images are built by Docker and digitally
31+ - Image signing and attestation: All MCP server images under ` mcp/ ` in the [ catalog] ( catalog.md )
32+ are built by Docker and digitally
3233 signed to verify their source and integrity. Each image includes a Software
3334 Bill of Materials (SBOM) for full transparency.
3435
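Review bot: In the rewritten "Image signing and attestation" bullet, scoping the claim to images under ` mcp/ ` leaves the unchanged sentence "Each image includes a Software Bill of Materials (SBOM)" ambiguous: it can now mean each ` mcp/ ` image or each image in the catalog. Suggest "Each of these images includes ..." and one added sentence stating what, if anything, is guaranteed about build origin and signing for catalog images outside ` mcp/ `, since readers will rely on this bullet to decide which images to trust. The new continuation line "are built by Docker and digitally" is also a short orphan; rewrap the bullet so the line lengths match the rest of the file.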
@@ -43,11 +44,12 @@ Security at runtime is enforced through resource and access limitations:
4344- Memory allocation: Containers for MCP tools are limited to 2 Gb.
4445
4546- Filesystem access: By default, MCP Servers have no access to the host filesystem.
46- Only select servers are explicitly granted file mounts.
47+ The user explicitly selects the servers that will be granted file mounts.
4748
48- - Outbound network access: Network is access is disabled when a server has access to the
49+ - Outbound network access: Typically, network access is disabled when a server has access to the
4950 filesystem, and vice-versa. Most servers require access to only a single host, port,
5051 and protocol. These permissions are explicitly listed and enforced.
52+ There are some exceptions, such as the ` mcp/git ` server.
5153
5254- Interception of tool requests: Requests to and from tools that contain sensitive
5355 information such as secrets are blocked.
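Review bot: The sentence added at the end of the "Outbound network access" bullet, "There are some exceptions, such as the ` mcp/git ` server.", weakens a stated isolation property without saying what the exception consists of. Placed after "These permissions are explicitly listed and enforced.", it can be read as an exception to enforcement rather than to the filesystem/network exclusivity in the first sentence. Suggest moving it directly after the first sentence, stating what an excepted server is granted (both file mounts and outbound network access, if that is the case), and pointing to where a user can see which servers are excepted, because "Typically" plus "some exceptions" leaves the reader unable to tell which servers the guarantee covers. In the filesystem bullet, "The user explicitly selects the servers that will be granted file mounts." does not say where that selection is made; a short pointer to the setting would help. While touching this block, the context line "limited to 2 Gb" should probably read "2 GB".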