SAFE-M-14: Server Allowlisting

July 6, 2025 ยท View on GitHub

Overview

Mitigation ID: SAFE-M-14
Type: Preventive Control
Complexity: Medium
Effectiveness: High

Description

Maintain and enforce a list of trusted MCP server domains to prevent connections to malicious servers.

Implementation

[To be documented]

Related Techniques

  • SAFE-T1007: OAuth Authorization Phishing
  • SAFE-T1004: Server Impersonation / Name-Collision

References

  • Model Context Protocol Specification

Contents

  1. 1Overview
  2. 2Description
  3. 3Implementation
  4. 4Related Techniques
  5. 5References