Skip to content

Request: Review auto-generated MCP permission manifest for Clerk #6676

Closed as not planned
Closed as not planned
Request: Review auto-generated MCP permission manifest for Clerk#6676
@buehler

Description

@buehler
buehler
opened on Sep 1, 2025

Dear Authors / Maintainers,

We are researchers from the University of St. Gallen studying how to make Model Context Protocol (MCP) servers safer to run via a sandboxed permission system. As part of our study, we auto generated a permission manifest for your MCP server and would love your feedback on whether it is correct and complete.

The MCP server in question is: Clerk

Please review the manifest below and let us know:

  • Are the permissions and their scopes correct?
  • Are any permissions missing?
  • Do any permissions need to be runtime-scoped (e.g., a specific project directory) rather than global?

Proposed manifest (please review)

{
  "description": "Clerk Agent Toolkit MCP server: exposes Clerk backend functionality (users, organizations, invitations) as MCP tools over stdio. Authenticates via environment variables and performs outgoing HTTPS requests to Clerk APIs.",
  "permissions": [
    "mcp.ac.system.env.read",
    "mcp.ac.network.client"
  ]
}

Please let us know if you have any questions and/or remarks.

In case you want to see the (current) full permission system:

MCP Permission System

Permission Description Notes
mcp.ac.filesystem.read Read files/directories
mcp.ac.filesystem.write Write/create files
mcp.ac.filesystem.delete Delete files or directories
mcp.ac.system.env.read Read environment variables e.g., API_KEY, PATH
mcp.ac.system.env.write Set environment variables setting the env variables
mcp.ac.system.exec Execute OS commands CLI runners, shells
mcp.ac.system.process List or kill processes
mcp.ac.network.client General Outgoing network access
mcp.ac.network.server Accept incoming connections
mcp.ac.network.bluetooth Use Bluetooth connections macOS TCC-protected
mcp.ac.peripheral.camera Capture images/video macOS TCC-controlled
mcp.ac.peripheral.microphone Record audio TCC-protected
mcp.ac.peripheral.speaker Play audio
mcp.ac.peripheral.screen.capture Screen capture Requires consent (macOS: Screen Recording)
mcp.ac.location Access location data From Wi-Fi, IP, GNSS
mcp.ac.notifications.post Show system notifications macOS/Windows
mcp.ac.clipboard.read / .write Read/write clipboard Copy-paste support

Thank you very much for your time and your efforts in making MCP more secure.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions