Model Context Protocol
Code execution with MCP #638
-
Pre-submission Checklist
Question Category
Your QuestionRead this article: Code Execution With MCP I thought that this was a great solution to agent context overload, agent discovers tools by exploring the file system. However as I was trying to implement this myself, I realized that this solution has security considerations that need to be taken into account. For instance, a malicious user could perform prompt injection to read sensitive files or even modify permissions. Are there best practices for how to implement code execution with MCP? Treat me like a naive developer, because I am one. |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments 2 replies
-
|
Hi @ltcompounder , there is a discussion here that should help point towards examples: modelcontextprotocol/modelcontextprotocol#1780 |
Beta Was this translation helpful? Give feedback.
-
|
hi @olaservo, thanks for the resource. i read the discussion and saw that you did a demo repo for code execution, will run through that. however it seems like there are a few concerns about security and PII exposure being brought up but with no direct follow ups so i'm guessing this is still unclear as to how the community should go about this? |
Beta Was this translation helpful? Give feedback.
-
|
@ltcompounder my own experiments don't include built-in sandboxing, but some of the other implementations shared in the discussion include examples of securing the environment. |
Beta Was this translation helpful? Give feedback.
-
|
(Closing as duplicate of linked discussion) |
Beta Was this translation helpful? Give feedback.
Hi @ltcompounder , there is a discussion here that should help point towards examples: modelcontextprotocol/modelcontextprotocol#1780