docs/mcp/SECURITY.md

Docs MCP Security

The documentation MCP server is read-only.

Exposed Content

Denied Content

Authentication

/mcp requires:

Authorization: Bearer <DOCS_MCP_AUTH_TOKEN>

Tokens must never be committed.

Open raw source