docs: Document MCP security model and trust boundaries for #52
This commit is contained in:
@@ -0,0 +1,9 @@
|
||||
# Credential Isolation
|
||||
|
||||
This document describes how credentials and sensitive environment variables are handled within the MCP tools monorepo.
|
||||
|
||||
## Separate Credentials
|
||||
Even though multiple MCP servers share the same monorepo, they **must** have separate credentials and runtimes.
|
||||
|
||||
- **No Shared Environments**: Each MCP server (`gitea-mcp`, `jenkins-mcp`, `ops-mcp`, etc.) must be instantiated as an independent service with its own dedicated `.env` configuration file.
|
||||
- **Strict Isolation**: A server will only have access to the credentials required for its specific trust boundary. For instance, `gitea-mcp` has no access to Jenkins or Ops authentication tokens.
|
||||
Reference in New Issue
Block a user