Last week, a subscriber emailed me asking about MCP security. “How can I be sure that the [MCP] contains no malware?” The subscriber comes from a non-technical background and was concerned about using possibly malicious MCPs. I started to think more about the implications of this security concern, especially when it comes to user adoption and enterprise adoption down the line.
Currently, the MCP space is dominated by developers. The majority of people using MCP servers are the same people that are building MCP servers. They understand how they’re built, and they have a better idea on how to filter out malicious MCPs. However, non-technical people like our subscriber might be excited about using MCPs, but may have concerns about security. The MCP community wants greater user adoption, but security must be addressed to achieve that.
The truth is, there currently is no sure-fire way to find out whether a MCP server is safe to use or malicious. Like many apps on the internet today, it’s up to your best judgement to decide whether or not an MCP is safe to use. However, there are a few ways you can protect yourself as a MCP user, and a couple of safeguards that we’ll go over in this article.
MCPs code should always be public source
Most MCPs in its current state are ran locally. When you paste the MCP link into your Claude Desktop or Cursor config like this,
{
"mcpServers": {
"google-maps": {
"command": "npx",
"args": [
"-y",
"@modelcontextprotocol/server-google-maps"
],
}
}
}your client actually installs the code from an open source package manager (NPM) and runs locally in your computer. This means the code you download from NPM is public source (the code is public for everyone to see), which is good for security. Public source means the developer community can see the code and vet the security of the MCP.
As an MCP user, we recommend you use MCPs that have high community engagement on GitHub. Look for MCPs that have a high number of Stars, Forks, and Contributors. If the project has high usage and high community engagement, it’s likely to be safer to use.
MCP Directories
MCP directories are also a good place to find vetted MCP servers. The best curated list of MCP servers is from the official Model Context Protocol servers list, maintained by the creators of MCP. This list is a directory of official integrations maintained by the companies that own them and are safe to use. Some of the popular servers include Slack, Google Maps, and GitHub. We highly recommend you find a server from this list before you look for servers elsewhere.
Another great place to find MCP servers is on Smithery. Smithery is growing to become the central marketplace for MCP servers.
Conclusion
It is ultimately up to you to decide what MCPs are safe to use, and what is suspicious. Don’t give non-trusted MCPs too much access to your computer, or applications. Do some research and use your judgement to filter out malware. Hopefully this article today has provided you with some ways to protect yourself from MCP malware. With the rise of remote MCPs coming soon, security is going to be an increasingly bigger issue. It’s going to be interesting to see how the MCP community tackles these challenges.
