MCP

MCP security

Rules

Prefer stdio for local desktop or CLI clients.
Keep Streamable HTTP bound to local interfaces unless you add network controls.
Require token-bearing clients for HTTP MCP.
Scope tools to explicit projects.
Do not expose MCP HTTP to the public internet.

Verify

memory mcp status --project <project-slug>
memory status --project <project-slug>

Next

Read Operations security and privacy.

Client setup

Configure MCP clients with explicit project scoping and verification.

MCP examples

Copy practical MCP usage patterns for project questions and briefings.

On this page

MCP security Rules Verify Next