Aulafy
Courses/Agents and automation/MCP without giving away your keys

MCP without giving away your keys

MCP makes an agent useful because it connects it to GitHub, databases, browsers, and internal services. That same power expands the attack surface.

  • Understand what risk each MCP server adds.
  • Separate credentials, permissions, and sandbox environments.
  • Design allowlists and usage rules for teams.
TerminalCode
{
  "mcpServers": {
    "github-readonly": {
      "command": "npx",
      "args": ["-y", "@modelcontextprotocol/server-github"],
      "env": {
        "GITHUB_PERSONAL_ACCESS_TOKEN": "${GITHUB_READONLY_TOKEN}"
      }
    }
  }
}

Best practices

  • Use read-only tokens when the workflow does not need to write.
  • Separate development, preview, and production tokens.
  • Do not put secrets in repositories, prompts, or screenshots.
  • Review what tools each MCP exposes before approving it.
  • Limit allowed servers for teams through managed settings if you have them.