Problem
When DocsGPT connects to an MCP server to execute a tool call, there is currently no framework-level hook to verify the server's trustworthiness before execution. This means a misconfigured or malicious MCP server could execute arbitrary operations without any pre-flight safety check.
As MCP adoption grows and users connect to third-party servers, this becomes an increasingly important security surface.
Proposal
Add a configurable middleware/hook point that runs before any MCP tool execution:
```python
# Example: pluggable trust verification
from typing import Protocol


class TrustVerifier(Protocol):
    # TrustResult is the pass/fail/warn outcome described below
    async def verify(self, server_uri: str) -> TrustResult: ...


# Users bring their own verification backend
app = DocsGPT(
    trust_verifier=MyCustomVerifier()  # Pluggable
)
```
The hook would:
- Receive the MCP server URI before the tool call executes
- Return a pass/fail/warn result
- Allow the framework to block, warn, or proceed based on the result
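As an added illustration of the three behaviours listed above (this is example code written for this issue, not DocsGPT's own implementation), the sketch below wires a `TrustVerifier` into a guard that runs before a tool call. `TrustResult`, `AllowlistVerifier`, `TrustPolicyError`, `guarded_tool_call` and `run_demo` are hypothetical names chosen here; the allowlist backend stands in for whatever local policy, external scoring API or SBOM validator a user would plug in. FAIL blocks the call, WARN lets it proceed but records a warning, PASS proceeds silently.

```python
# Added example, not DocsGPT code. All names below are hypothetical.
import asyncio
from enum import Enum
from typing import Awaitable, Callable, Dict, List, Optional, Protocol, Set, Tuple
from urllib.parse import urlparse


class TrustResult(Enum):
    """Pass/fail/warn outcome of verifying an MCP server URI."""
    PASS = "pass"
    WARN = "warn"
    FAIL = "fail"


class TrustVerifier(Protocol):
    async def verify(self, server_uri: str) -> TrustResult: ...


class TrustPolicyError(RuntimeError):
    """Raised when the hook blocks a tool call."""


class AllowlistVerifier:
    """Local-policy backend: allowlisted hosts pass, plaintext HTTP to an
    allowlisted host warns, every other host fails. Any other backend only
    has to implement the same verify() signature."""

    def __init__(self, allowed_hosts: Set[str]) -> None:
        self.allowed_hosts = {h.lower() for h in allowed_hosts}

    async def verify(self, server_uri: str) -> TrustResult:
        parsed = urlparse(server_uri)
        host = (parsed.hostname or "").lower()
        if host not in self.allowed_hosts:
            return TrustResult.FAIL
        if parsed.scheme != "https":
            return TrustResult.WARN
        return TrustResult.PASS


async def guarded_tool_call(
    verifier: TrustVerifier,
    server_uri: str,
    tool_call: Callable[[], Awaitable[str]],
    warn_log: Optional[List[str]] = None,
) -> str:
    """Pre-flight hook: verify the server URI, then block, warn or proceed."""
    result = await verifier.verify(server_uri)
    if result is TrustResult.FAIL:
        raise TrustPolicyError(f"blocked MCP tool call to untrusted server {server_uri}")
    if result is TrustResult.WARN and warn_log is not None:
        warn_log.append(f"warning: {server_uri} is allowlisted but not served over HTTPS")
    return await tool_call()


def run_demo() -> Tuple[Dict[str, str], List[str]]:
    """Run the hook against three constructed server URIs; returns the outcome
    per URI plus the warnings recorded along the way."""
    verifier = AllowlistVerifier({"mcp.internal.example"})
    warnings: List[str] = []

    async def fake_tool() -> str:  # stands in for the real MCP tool call
        return "tool executed"

    async def attempt(uri: str) -> str:
        try:
            return await guarded_tool_call(verifier, uri, fake_tool, warnings)
        except TrustPolicyError:
            return "blocked"

    uris = [  # constructed sample URIs
        "https://mcp.internal.example/tools",
        "http://mcp.internal.example/tools",
        "https://evil.example.net/tools",
    ]

    async def run_all() -> Dict[str, str]:
        return {uri: await attempt(uri) for uri in uris}

    return asyncio.run(run_all()), warnings


if __name__ == "__main__":
    outcomes, warned = run_demo()
    for uri, outcome in outcomes.items():
        print(f"{uri}: {outcome}")
    for line in warned:
        print(line)
```

Because the decision is taken from the verifier's return value rather than inside it, the framework owns the block/warn/proceed policy while the backend stays replaceable, which is the split the proposal is after.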
Benefits
- Framework-agnostic: users choose their own verification backend (local policy, external API, allowlist, etc.)
- Opt-in: doesn't break existing workflows — only activates when configured
- Extensible: works with any trust scoring service, SBOM validator, or local policy engine
- Security-first: addresses the growing concern around MCP server supply chain risks
References