Replies: 1 comment
Note that we can accomplish this by building adapters, but it would be nice if it was baked in :). Thanks all for your work on this spec!
Pre-submission Checklist
Your Idea
Problem: Let's say a user is trying out an agent, giving it access to a few MCP servers, one of which is a filesystem MCP server. How does the user guarantee the agent doesn't malfunction and delete all the files?
Suggestion: When the user sets up MCP servers, they add their public key to the MCP server and configure it to not accept requests unless they are signed by the user. The agent, when making a request to the MCP server, is rejected with reason "NEEDS_SIGNATURE". The agent then requests signing from the user (think your typical "approve" UI in a coding agent - perhaps via Elicitation or an Elicitation extension?). The user approves, and the client applies the signature to the request and passes it to the agent. The agent then sends the signed request to the MCP server, and the MCP server validates the signature using the public key it was configured with.
Scope
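The flow proposed in the post above, sketched as an added example; it is not code from the discussion, the MCP specification or any SDK. Ed25519, the function names, the `delete_file` tool, the `BAD_SIGNATURE` and `REPLAYED` reasons and the nonce replay guard are assumptions; only `NEEDS_SIGNATURE` comes from the post.

```javascript
const crypto = require('node:crypto');

// Constructed user key pair; in the proposal the user registers the public
// half with the MCP server at setup time and keeps the private half.
const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');

// Hypothetical server-side gate: only user-signed tool calls are executed.
function makeServer(userPublicKey) {
  const seenNonces = new Set(); // replay guard (an addition, not in the post)
  return function handle(request) {
    if (!request.signature) return { ok: false, reason: 'NEEDS_SIGNATURE' };
    const payloadBytes = Buffer.from(request.payload, 'utf8');
    const sig = Buffer.from(request.signature, 'base64');
    // Verify the exact bytes received before parsing them.
    if (!crypto.verify(null, payloadBytes, userPublicKey, sig)) {
      return { ok: false, reason: 'BAD_SIGNATURE' };
    }
    const call = JSON.parse(request.payload);
    if (seenNonces.has(call.nonce)) return { ok: false, reason: 'REPLAYED' };
    seenNonces.add(call.nonce);
    return { ok: true, executed: call.tool };
  };
}

// Agent side: builds the tool call but holds no signing key.
function agentBuildCall(tool, args) {
  const nonce = crypto.randomBytes(16).toString('hex');
  return { payload: JSON.stringify({ tool, args, nonce }) };
}

// Client side: runs only after the user approves the displayed payload.
function userApproveAndSign(request, userPrivateKey) {
  const bytes = Buffer.from(request.payload, 'utf8');
  const sig = crypto.sign(null, bytes, userPrivateKey);
  return { ...request, signature: sig.toString('base64') };
}

// Walks the exchange: unsigned, altered after approval, approved, replayed.
function demo() {
  const server = makeServer(publicKey);
  const unsigned = agentBuildCall('delete_file', { path: '/tmp/example.txt' });
  const first = server(unsigned).reason;
  const signed = userApproveAndSign(unsigned, privateKey);
  const altered = { ...signed, payload: signed.payload.replace('example.txt', 'other.txt') };
  const tampered = server(altered).reason;
  const accepted = server(signed).ok;
  const replayed = server(signed).reason;
  return { first, tampered, accepted, replayed };
}
```

Signing the serialized payload bytes, and parsing only after verification, means the server never acts on arguments that differ from what the user approved.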