Policy enforcement verification, cross-vendor attested registries, and privacy-preserving auditability in MCP

Investigate and develop formal verification methods for enforcing safety and security policies in MCP-based agent workflows; design cross-vendor interoperable attested registries for MCP tools and servers; and create privacy-preserving auditability mechanisms that provide verifiable provenance and compliance evidence without exposing sensitive data.

Background

After outlining a defense-in-depth architecture for MCP, the paper identifies remaining research gaps that hinder trustworthy deployment at scale.

The authors specifically point to the need for provable policy enforcement around agent actions, interoperable registries that can attest tool integrity across vendors, and auditability solutions that balance transparency with privacy.

References

However, significant research challenges remain. Questions around formal verification of policy enforcement, cross-vendor interoperability of attested registries, and privacy-preserving auditability are still open areas of study.

Systematization of Knowledge: Security and Safety in the Model Context Protocol Ecosystem (2512.08290 - Gaire et al., 9 Dec 2025), in Section 6, Synthesis and Outlook