# Security Model
Every tool on mcpsearchtool.com runs in a WebAssembly sandbox. No exceptions.
## WASM Sandbox Isolation
Tools execute in isolated wasmtime instances with:
- No file system access by default
- No network access by default
- Memory limits enforced (128MB default)
- Execution timeout (30 seconds default)
## Capability-Based Security
Tools request capabilities in their policy.yaml:
```yaml
component_id: tools/pdf-parser:v1.0.0
max_memory_bytes: 134217728
max_execution_time_ms: 30000
allowed_file_access: []
allowed_network_domains: []
allowed_wasi_capabilities:
  - random
  - clocks
```
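As an added example (not code from mcpsearchtool.com), the following Go program reads a policy of the shape shown above and applies the deny-by-default rules from the sandbox section: anything not listed is not granted, and the requested limits are checked against the page's defaults. Treating the 128MB and 30-second defaults as hard ceilings, the `knownCapabilities` allow-list, and the second, over-budget policy are all assumptions constructed for this example; the parser is purpose-built for this flat key/sequence layout, not a general YAML reader.

```go
package main

import (
	"errors"
	"fmt"
	"strconv"
	"strings"
)

// PagePolicy is the policy.yaml shown on the page, embedded so the example runs offline.
const PagePolicy = `component_id: tools/pdf-parser:v1.0.0
max_memory_bytes: 134217728
max_execution_time_ms: 30000
allowed_file_access: []
allowed_network_domains: []
allowed_wasi_capabilities:
- random
- clocks
`

// OverBudgetPolicy is a constructed policy that asks for more memory than the
// default and for a capability the runtime does not know; Validate must reject it.
const OverBudgetPolicy = `component_id: tools/example:v0.0.1
max_memory_bytes: 536870912
max_execution_time_ms: 30000
allowed_file_access: []
allowed_network_domains: []
allowed_wasi_capabilities:
- random
- sockets
`

// Policy mirrors the policy.yaml fields from the page.
type Policy struct {
	ComponentID      string
	MaxMemoryBytes   int64
	MaxExecutionMs   int64
	AllowedFiles     []string
	AllowedDomains   []string
	WASICapabilities []string
}

// Page defaults; treating them as ceilings a policy may not exceed is this example's assumption.
const (
	MaxMemoryCeiling    int64 = 128 * 1024 * 1024
	MaxExecutionCeiling int64 = 30000
)

// knownCapabilities is a constructed allow-list of WASI capabilities the runtime can grant.
var knownCapabilities = map[string]bool{"random": true, "clocks": true}

// ParsePolicy reads the flat "key: value" / "- item" layout from the page.
func ParsePolicy(text string) (Policy, error) {
	p := Policy{AllowedFiles: []string{}, AllowedDomains: []string{}, WASICapabilities: []string{}}
	var current *[]string // sequence that "- item" lines append to
	for n, raw := range strings.Split(text, "\n") {
		line := strings.TrimSpace(raw)
		if line == "" {
			continue
		}
		if strings.HasPrefix(line, "- ") {
			if current == nil {
				return p, fmt.Errorf("line %d: list item outside a sequence", n+1)
			}
			*current = append(*current, strings.TrimSpace(line[2:]))
			continue
		}
		key, val, ok := strings.Cut(line, ":") // first colon only: component_id keeps its ":v1.0.0"
		if !ok {
			return p, fmt.Errorf("line %d: expected key: value", n+1)
		}
		key, val = strings.TrimSpace(key), strings.TrimSpace(val)
		current = nil
		var err error
		switch key {
		case "component_id":
			p.ComponentID = val
		case "max_memory_bytes":
			p.MaxMemoryBytes, err = strconv.ParseInt(val, 10, 64)
		case "max_execution_time_ms":
			p.MaxExecutionMs, err = strconv.ParseInt(val, 10, 64)
		case "allowed_file_access", "allowed_network_domains", "allowed_wasi_capabilities":
			if val != "" && val != "[]" {
				return p, fmt.Errorf("line %d: inline lists other than [] not supported", n+1)
			}
			if val == "" { // "[]" stays empty; a bare key expects "- item" lines to follow
				current = map[string]*[]string{
					"allowed_file_access":       &p.AllowedFiles,
					"allowed_network_domains":   &p.AllowedDomains,
					"allowed_wasi_capabilities": &p.WASICapabilities,
				}[key]
			}
		default:
			return p, fmt.Errorf("line %d: unknown key %q", n+1, key)
		}
		if err != nil {
			return p, fmt.Errorf("line %d: %v", n+1, err)
		}
	}
	return p, nil
}

// Validate rejects a policy that exceeds the ceilings or names an unknown capability.
func Validate(p Policy) error {
	if p.ComponentID == "" {
		return errors.New("component_id is required")
	}
	if p.MaxMemoryBytes <= 0 || p.MaxMemoryBytes > MaxMemoryCeiling {
		return fmt.Errorf("max_memory_bytes %d outside (0, %d]", p.MaxMemoryBytes, MaxMemoryCeiling)
	}
	if p.MaxExecutionMs <= 0 || p.MaxExecutionMs > MaxExecutionCeiling {
		return fmt.Errorf("max_execution_time_ms %d outside (0, %d]", p.MaxExecutionMs, MaxExecutionCeiling)
	}
	for _, c := range p.WASICapabilities {
		if !knownCapabilities[c] {
			return fmt.Errorf("unknown wasi capability %q", c)
		}
	}
	return nil
}

func main() {
	for _, text := range []string{PagePolicy, OverBudgetPolicy} {
		p, err := ParsePolicy(text)
		if err == nil {
			err = Validate(p)
		}
		fmt.Printf("%s: files=%v domains=%v caps=%v -> %v\n", p.ComponentID, p.AllowedFiles, p.AllowedDomains, p.WASICapabilities, err)
	}
}
```

The page's own policy parses to empty file and domain lists and exactly the two listed capabilities, so a loader built this way grants nothing else; the constructed over-budget policy fails on its memory request before the unknown capability is even reached.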
## Cryptographic Signing
- Every component is signed with Ed25519 or RSA-PSS
- Responsible party embedded in OCI annotations
- Full provenance chain available
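The following Go program is an added illustration, not mcpsearchtool.com's signing code, of the Ed25519 path described above: a component's SHA-256 digest and the annotation naming the responsible party are signed together, and the loader refuses a component whose bytes, annotations or signature do not match. The canonical payload layout and the use of the `org.opencontainers.image.authors` annotation key for the responsible party are assumptions for this example; the page names neither.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"sort"
)

// SignedComponent is what a registry entry would carry: the digest of the
// component bytes, OCI-style annotations, and an Ed25519 signature over both.
type SignedComponent struct {
	Digest      [32]byte
	Annotations map[string]string
	Signature   []byte
}

// GenerateKeys creates a fresh Ed25519 key pair (the publisher's signing key).
func GenerateKeys() (ed25519.PublicKey, ed25519.PrivateKey, error) {
	return ed25519.GenerateKey(rand.Reader)
}

// payload canonicalises digest plus sorted annotations so signer and verifier
// hash identical bytes regardless of map iteration order (layout is an assumption).
func payload(digest [32]byte, ann map[string]string) []byte {
	keys := make([]string, 0, len(ann))
	for k := range ann {
		keys = append(keys, k)
	}
	sort.Strings(keys)
	var b bytes.Buffer
	b.WriteString("sha256:" + hex.EncodeToString(digest[:]))
	for _, k := range keys {
		fmt.Fprintf(&b, "\n%s=%s", k, ann[k])
	}
	return b.Bytes()
}

// Sign binds the component bytes and the responsible-party annotations to the publisher key.
func Sign(priv ed25519.PrivateKey, component []byte, ann map[string]string) SignedComponent {
	d := sha256.Sum256(component)
	return SignedComponent{Digest: d, Annotations: ann, Signature: ed25519.Sign(priv, payload(d, ann))}
}

// Verify is the loader-side check: the bytes about to be loaded must match the
// signed digest, and the signature must verify under a trusted public key.
func Verify(pub ed25519.PublicKey, component []byte, sc SignedComponent) error {
	if sha256.Sum256(component) != sc.Digest {
		return errors.New("component bytes do not match signed digest")
	}
	if !ed25519.Verify(pub, payload(sc.Digest, sc.Annotations), sc.Signature) {
		return errors.New("signature does not verify under publisher key")
	}
	return nil
}

func main() {
	pub, priv, err := GenerateKeys()
	if err != nil {
		panic(err)
	}
	component := []byte("constructed wasm component bytes") // stand-in for a real .wasm file
	ann := map[string]string{"org.opencontainers.image.authors": "Example Maintainers <maint@example.com>"}
	sc := Sign(priv, component, ann)
	fmt.Println("genuine:", Verify(pub, component, sc))
	sc.Annotations["org.opencontainers.image.authors"] = "someone else"
	fmt.Println("edited annotation:", Verify(pub, component, sc))
}
```

Because the annotations are inside the signed payload, swapping the responsible party after publication invalidates the signature just as altering the component bytes does; verifying against the digest first also means a load from a tampered blob fails before any signature work is done.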
## Trust Boundaries
| Boundary | Protection |
|---|---|
| Registry Push | OAuth 2.0 + JWT (no anonymous push) |
| Component Signing | Ed25519/RSA-PSS signatures |
| Runtime Isolation | WASM sandbox + WASI P2 capabilities |
| Audit Trail | All loads/invocations logged |