Risk Tag Guide

Understand MCP permission risk tags, review criteria and enterprise adoption checks for third-party MCP servers.

File accessCan read or modify local files and directories
Network accessSends requests to external APIs or websites
API key requiredRequires sensitive credentials such as API keys
Database writeCan perform write operations against a database
Browser controlCan simulate browser and page actions
Remote executionMay execute remote commands or code

Enterprise adoption checks

  1. 1Review source and maintenance status
    Validate in a test environment first, then document permission and credential scope.
  2. 2Apply least-privilege access
    Validate in a test environment first, then document permission and credential scope.
  3. 3Isolate sensitive environments
    Validate in a test environment first, then document permission and credential scope.
  4. 4Maintain a team allowlist
    Validate in a test environment first, then document permission and credential scope.

Higher-risk examples

Browse all ->