Skills
Redact secrets at the source of MCP audit logs, not the sink
OWASP's 2026 secure-MCP guidance stresses that every tool call should emit a structured log entry (who, which tool, what params, what result) — but the single most consequential move is redaction at the source, not the sink, so credentials and PII never hit the log pipeline in the first place. Combine with per-service short-lived scoped tokens the LLM never sees and a hard ban on token passthrough. This closes the common failure where 'we log everything' quietly becomes 'we leak everything.'
Source
↳ Follow the thread