From 1dab7a2b8277ad5ba1e9ed17fc8fc7333cafd4ee Mon Sep 17 00:00:00 2001 From: Jonathan Hefner Date: Sun, 19 Oct 2025 15:19:08 -0500 Subject: [PATCH 01/10] Fix typo: "RFC 9278" => "RFC 9728" Based on the link URL (`https://datatracker.ietf.org/doc/html/rfc9728`), the correct RFC number is 9728. --- docs/docs/tutorials/security/authorization.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/docs/tutorials/security/authorization.mdx b/docs/docs/tutorials/security/authorization.mdx index a228939a9..b1a251301 100644 --- a/docs/docs/tutorials/security/authorization.mdx +++ b/docs/docs/tutorials/security/authorization.mdx @@ -55,7 +55,7 @@ With the URI pointer to the PRM document, the client will fetch the metadata to } ``` -You can see a more comprehensive example in [RFC 9278 Section 3.2](https://datatracker.ietf.org/doc/html/rfc9728#name-protected-resource-metadata-r). +You can see a more comprehensive example in [RFC 9728 Section 3.2](https://datatracker.ietf.org/doc/html/rfc9728#name-protected-resource-metadata-r). From 7ce828ed25605fbbc9b8a9e8d7a62dc71bb2ff5e Mon Sep 17 00:00:00 2001 From: Koichi ITO Date: Tue, 21 Oct 2025 16:21:50 +0900 Subject: [PATCH 02/10] [Docs] Fix typos --- blog/content/posts/client_registration/index.md | 4 ++-- docs/clients.mdx | 2 +- docs/community/sep-guidelines.mdx | 2 +- docs/docs/tutorials/security/authorization.mdx | 2 +- docs/specification/draft/basic/index.mdx | 2 +- docs/specification/draft/basic/security_best_practices.mdx | 2 +- 6 files changed, 7 insertions(+), 7 deletions(-) diff --git a/blog/content/posts/client_registration/index.md b/blog/content/posts/client_registration/index.md index 75585fd31..5fbeeb1e6 100644 --- a/blog/content/posts/client_registration/index.md +++ b/blog/content/posts/client_registration/index.md 
@@ -58,9 +58,9 @@ For example, a malicious client could claim to be `Claude Desktop` on the consen ## Improving Client Registration in MCP -For MCP users, a common pattern is to connect to an MCP server by using its URL directly in a MCP client. +For MCP users, a common pattern is to connect to an MCP server by using its URL directly in an MCP client. -This goes against the typical OAuth authorization pattern because the user is selecting the resource server to connect to rather than the client developer. This problem is compounded by the fact that there is an unbounded number of authorization servers that a MCP server may use, meaning that clients need to be able to complete the authorization flow regardless of the provider used. +This goes against the typical OAuth authorization pattern because the user is selecting the resource server to connect to rather than the client developer. This problem is compounded by the fact that there is an unbounded number of authorization servers that an MCP server may use, meaning that clients need to be able to complete the authorization flow regardless of the provider used. Some client developers have implemented pre-registration with a select few authorization servers. In this scenario, the client doesn't need to rely on DCR when it detects an authorization server it knows. However, this is a solution that doesn't scale given the breadth of the MCP ecosystem - it's impossible to have every client be registered with every authorization server there is. To mitigate this challenge, we set out to outline some of the goals that we wanted to achieve with improving the client registration experience: diff --git a/docs/clients.mdx b/docs/clients.mdx index 28cd40de0..09610fa43 100644 --- a/docs/clients.mdx +++ b/docs/clients.mdx 
@@ -964,7 +964,7 @@ MooPoint is a web-based AI chat platform built for developers and advanced users ### Needle -[Needle](https://needle.app) is a RAG worflow platform that also works as an MCP client, letting you connect and use MCP servers in seconds. +[Needle](https://needle.app) is a RAG workflow platform that also works as an MCP client, letting you connect and use MCP servers in seconds. **Key features:** diff --git a/docs/community/sep-guidelines.mdx b/docs/community/sep-guidelines.mdx index ce122f347..1cdc5169d 100644 --- a/docs/community/sep-guidelines.mdx +++ b/docs/community/sep-guidelines.mdx @@ -44,7 +44,7 @@ Each SEP must have an **SEP author** -- someone who writes the SEP using the sty SEPs should be submitted as a GitHub Issue in the [specification repository](https://github.com/modelcontextprotocol/modelcontextprotocol). The standard SEP workflow is: -1. You, the SEP author, create a [well-formatted](#sep-format) GitHub Issue with the `SEP` and `proposal` tags. The SEP number is the same as the GitHub Issue number, the two can be used interchangably. +1. You, the SEP author, create a [well-formatted](#sep-format) GitHub Issue with the `SEP` and `proposal` tags. The SEP number is the same as the GitHub Issue number, the two can be used interchangeably. 2. Find a Core Maintainer or Maintainer to sponsor your proposal. Core Maintainers and Maintainers will regularly go over the list of open proposals to determine which proposals to sponsor. You can tag relevant maintainers from [the maintainer list](https://github.com/modelcontextprotocol/modelcontextprotocol/blob/main/MAINTAINERS.md) in your proposal. 3. Once a sponsor is found, the GitHub Issue is assigned to the sponsor. The sponsor will add the `draft` tag, ensure the SEP number is in the title, and assign a milestone. 4. The sponsor will informally review the proposal and may request changes based on community feedback. When ready for formal review, the sponsor will add the `in-review` tag. 
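
Review bot: The `+` line for step 1 in docs/community/sep-guidelines.mdx still joins two independent clauses with a comma ("...the same as the GitHub Issue number, the two can be used interchangeably."). Since this commit is a typo pass over that exact line, fix the comma splice in the same change, for example with a semicolon: "...the same as the GitHub Issue number; the two can be used interchangeably."
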
diff --git a/docs/docs/tutorials/security/authorization.mdx b/docs/docs/tutorials/security/authorization.mdx index a228939a9..8cf9a20b2 100644 --- a/docs/docs/tutorials/security/authorization.mdx +++ b/docs/docs/tutorials/security/authorization.mdx @@ -97,7 +97,7 @@ If the registration succeeds, the authorization server will return a JSON blob w **No DCR or Pre-Registration** -In case a MCP client connects to a MCP server that doesn't use an authorization server that supports DCR and the client is not pre-registered with said authorization server, it's the responsibility of the client developer to provide an affordance for the end-user to enter client information manually. +In case an MCP client connects to an MCP server that doesn't use an authorization server that supports DCR and the client is not pre-registered with said authorization server, it's the responsibility of the client developer to provide an affordance for the end-user to enter client information manually. diff --git a/docs/specification/draft/basic/index.mdx b/docs/specification/draft/basic/index.mdx index 4697ee4d1..ceed72bbb 100644 --- a/docs/specification/draft/basic/index.mdx +++ b/docs/specification/draft/basic/index.mdx 
@@ -184,7 +184,7 @@ Consumers of icon metadata **MUST** take appropriate security precautions when h - Fetch icons without credentials. Do not send cookies, `Authorization` headers, or client credentials. - Verify that icon URIs are from the same origin as the server. This minimizes the risk of exposing data or tracking information to third-parties. - Exercise caution when fetching and rendering icons as the payload **MAY** contain executable content (e.g., SVG with [embedded JavaScript](https://www.w3.org/TR/SVG11/script.html) or [extended capabilities](https://www.w3.org/TR/SVG11/extend.html)). - - Consumers **MAY** choose to disallow specific file types or otherwize sanitize icon files before rendering. + - Consumers **MAY** choose to disallow specific file types or otherwise sanitize icon files before rendering. - Validate MIME types and file contents before rendering. Treat the MIME type information as advisory. Detect content type via magic bytes; reject on mismatch or unknown types. - Maintain a strict allowlist of image types. diff --git a/docs/specification/draft/basic/security_best_practices.mdx b/docs/specification/draft/basic/security_best_practices.mdx index e2e7ce365..ffa3dc451 100644 --- a/docs/specification/draft/basic/security_best_practices.mdx +++ b/docs/specification/draft/basic/security_best_practices.mdx @@ -363,7 +363,7 @@ Local MCP servers with inadequate restrictions or from untrusted sources introdu #### Mitigation -If a MCP client supports one-click local MCP server configuration, it **MUST** implement proper consent mechanisms prior to executing commands. +If an MCP client supports one-click local MCP server configuration, it **MUST** implement proper consent mechanisms prior to executing commands. **Pre-Configuration Consent** From e4f6e7f76d91aeaf4cf41f543eba4e7f34e0be71 Mon Sep 17 00:00:00 2001 
From: Koichi ITO Date: Sat, 16 Aug 2025 17:11:02 +0900 Subject: [PATCH 03/10] Fix dead links in clients list The links to BeeAI Framework and SpinAI were dead. They have been updated to the following new sites, respectively. - BeeAI Framework ... The link is being updated to https://framework.beeai.dev as the new destination, as shown in the About section of https://github.com/i-am-bee/beeai-framework. - SpinAI ... The link is being updated to https://docs.spinai.dev as the new destination, as shown in the About section of https://github.com/fallomai/spinai. --- docs/clients.mdx | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/clients.mdx b/docs/clients.mdx index 09610fa43..9f69020b8 100644 --- a/docs/clients.mdx +++ b/docs/clients.mdx @@ -124,7 +124,7 @@ This page provides an overview of applications that support the Model Context Pr [Amp]: https://ampcode.com [Apify MCP Tester]: https://apify.com/jiri.spilka/tester-mcp-client [AugmentCode]: https://augmentcode.com -[BeeAI Framework]: https://i-am-bee.github.io/beeai-framework +[BeeAI Framework]: https://framework.beeai.dev [BoltAI]: https://boltai.com [Call Chirp]: https://www.call-chirp.com [Chatbox]: https://chatboxai.app @@ -185,7 +185,7 @@ This page provides an overview of applications that support the Model Context Pr [Simtheory]: https://simtheory.ai [Slack MCP Client]: https://github.com/tuannvm/slack-mcp-client [Smithery Playground]: https://smithery.ai/playground -[SpinAI]: https://spinai.dev +[SpinAI]: https://docs.spinai.dev [Superinterface]: https://superinterface.ai [Superjoin]: https://superjoin.ai [Swarms]: https://github.com/kyegomez/swarms 
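
Review bot: The `[BeeAI Framework]:` and `[SpinAI]:` reference definitions changed in the @@ -124 and @@ -185 hunks carry the same URLs as the inline links `[BeeAI Framework](https://framework.beeai.dev)` and `[SpinAI](https://docs.spinai.dev)` changed in the @@ -327 and @@ -1099 hunks of this patch, so every link update has to touch two lines per client and the two copies can drift apart. Consider having the section bodies use the reference form (`[SpinAI]`, `[BeeAI Framework]`) so the URL lives in one place.
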
@@ -327,7 +327,7 @@ It uses plain JavaScript (old-school style) and is hosted on Apify, allowing you ### BeeAI Framework -[BeeAI Framework](https://i-am-bee.github.io/beeai-framework) is an open-source framework for building, deploying, and serving powerful agentic workflows at scale. The framework includes the **MCP Tool**, a native feature that simplifies the integration of MCP servers into agentic workflows. +[BeeAI Framework](https://framework.beeai.dev) is an open-source framework for building, deploying, and serving powerful agentic workflows at scale. The framework includes the **MCP Tool**, a native feature that simplifies the integration of MCP servers into agentic workflows. **Key features:** @@ -1099,7 +1099,7 @@ Smithery Playground is a developer-first MCP client for exploring, testing and d ### SpinAI -[SpinAI](https://spinai.dev) is an open-source TypeScript framework for building observable AI agents. The framework provides native MCP compatibility, allowing agents to seamlessly integrate with MCP servers and tools. +[SpinAI](https://docs.spinai.dev) is an open-source TypeScript framework for building observable AI agents. The framework provides native MCP compatibility, allowing agents to seamlessly integrate with MCP servers and tools. **Key features:** From f1925edca00db6dade911a4fbcb38d1367e7a9aa Mon Sep 17 00:00:00 2001 From: Christopher Creighton Date: Mon, 22 Sep 2025 16:38:36 -0700 Subject: [PATCH 04/10] Ensure _meta is available on all requests (#1284) --- docs/specification/draft/schema.mdx | 79 +++- schema/draft/schema.json | 660 ++++++++++++++-------------- schema/draft/schema.ts | 316 +++++++------ 3 files changed, 571 insertions(+), 484 deletions(-) diff --git a/docs/specification/draft/schema.mdx b/docs/specification/draft/schema.mdx index e64a21a35..c4c40d40c 100644 --- a/docs/specification/draft/schema.mdx +++ b/docs/specification/draft/schema.mdx @@ -17,6 +17,10 @@ the data is entirely optional.

interface AudioContent {
  _meta?: { [key: string]: unknown };
  annotations?: Annotations;
  data: string;
  mimeType: string;
  type: "audio";
}

Audio provided to or from an LLM.

_meta?: { [key: string]: unknown }

See General fields: _meta for notes on _meta usage.

annotations?: Annotations

Optional annotations for the client.

data: string

The base64-encoded audio data.

mimeType: string

The MIME type of the audio. Different providers may support different audio types.

+### `BaseRequestParams` + +
interface BaseRequestParams {
  _meta?: { progressToken?: ProgressToken; [key: string]: unknown };
}

Common params for any request.

_meta?: { progressToken?: ProgressToken; [key: string]: unknown }

See General fields: _meta for notes on _meta usage.

Type declaration
  • [key: string]: unknown
  • OptionalprogressToken?: ProgressToken

    If specified, the caller is requesting out-of-band progress notifications for this request (as represented by notifications/progress). The value of this parameter is an opaque token that will be attached to any subsequent notifications. The receiver is not obligated to provide these notifications.

+ ### `BlobResourceContents`
interface BlobResourceContents {
  _meta?: { [key: string]: unknown };
  blob: string;
  mimeType?: string;
  uri: string;
}

The contents of a specific resource or sub-resource.

_meta?: { [key: string]: unknown }

See General fields: _meta for notes on _meta usage.

blob: string

A base64-encoded string representing the binary data of the item.

mimeType?: string

The MIME type of this resource, if known.

uri: string

The URI of this resource.
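
Review bot: The description added for `BaseRequestParams` is only "Common params for any request.", which does not tell a reader how this type relates to the existing request parameter types or that it is where `_meta` and `progressToken` are defined for them. The commit subject says the goal is to make `_meta` available on all requests, so add a sentence to that effect to the type's description, stating that request params are expected to include these fields.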

@@ -85,7 +89,7 @@ if present).