Atrax operates with a security-focused architecture:
- Secure Interface Exposure:
  - Atrax connects to MCP servers via stdio (process-based servers)
  - Atrax ONLY exposes proxy functionality via HTTP, never directly via stdio
  - This prevents direct access to the underlying MCP servers
- Server Isolation:
  - Each underlying MCP server runs in its own process space
  - Servers cannot directly communicate with each other
  - Resource conflicts are handled safely within Atrax
- Capability Handling:
  - Atrax detects server capabilities dynamically
  - Prevents calls to unsupported methods
  - Graceful handling of missing capabilities

- Never expose the MCP server directly:
  - Always use the HTTP interface provided by the `serve` command
  - Never use the `connectStdio()` method in production
- Configure with Appropriate Permissions:
  - Run servers with minimal required permissions
  - For example, filesystem MCP servers should only have access to specific directories
- Validate Client Requests:
  - All requests through Atrax are validated before being forwarded
  - Request validation prevents security vulnerabilities like path traversal
- Run Behind a Reverse Proxy:
  - Use NGINX, Apache, or a cloud load balancer
  - Configure TLS/SSL for secure communication
  - Implement proper authentication if required
- Use Docker Containers:
  - Each MCP server should run in its own container
  - Limit container privileges based on server needs
  - Use volume mounts to restrict file access
- Monitor and Log:
  - Enable detailed logging for security analysis
  - Monitor for unusual access patterns
  - Regularly review logs for security issues
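
One way to implement the directory restriction and path-traversal validation named in the list above, as an added example that is not Atrax's own code. The names `resolveInsideRoot`, `exists` and `demo`, and the sandbox layout, are hypothetical and constructed for illustration.

```javascript
// Added example (not Atrax code): confine client-supplied paths to one allowed root.
const fs = require('fs');
const os = require('os');
const path = require('path');

// lstat does not follow a final symlink, so a dangling link still counts as existing.
function exists(p) {
  try { fs.lstatSync(p); return true; } catch { return false; }
}

// Returns the real absolute path, or throws if it would leave `root`.
function resolveInsideRoot(root, requested) {
  if (typeof requested !== 'string' || requested.includes('\0')) {
    throw new Error('invalid path');
  }
  const realRoot = fs.realpathSync(root);
  // path.resolve collapses ".." and lets an absolute `requested` replace the root.
  const candidate = path.resolve(realRoot, requested);
  // Resolve symlinks on the deepest existing ancestor so not-yet-created files
  // can be checked; realpathSync throws on a dangling link (fail closed).
  let existing = candidate;
  while (!exists(existing)) existing = path.dirname(existing);
  const real = path.join(fs.realpathSync(existing), path.relative(existing, candidate));
  // Trailing separator stops "/srv/allowed-evil" from matching "/srv/allowed".
  if (real !== realRoot && !real.startsWith(realRoot + path.sep)) {
    throw new Error('path escapes allowed root');
  }
  return real;
}

// Constructed sandbox: allowed root, look-alike sibling, symlinks pointing outside.
function demo() {
  const base = fs.realpathSync(fs.mkdtempSync(path.join(os.tmpdir(), 'atrax-example-')));
  const root = path.join(base, 'allowed');
  fs.mkdirSync(path.join(root, 'docs'), { recursive: true });
  fs.mkdirSync(path.join(base, 'allowed-evil'));
  fs.symlinkSync(base, path.join(root, 'link'));
  fs.symlinkSync(path.join(base, 'missing'), path.join(root, 'dangling'));
  const inputs = ['docs/new.txt', 'docs/../docs', '../allowed-evil/x',
    '/etc/passwd', 'link/allowed-evil', 'dangling', 'docs/\0x'];
  const results = {};
  for (const p of inputs) {
    try { resolveInsideRoot(root, p); results[p] = 'allow'; } catch { results[p] = 'deny'; }
  }
  fs.rmSync(base, { recursive: true, force: true });
  return results;
}

console.log(demo());
```

The check and the later file operation are separate steps, so the per-server container and volume-mount restrictions from the list above remain the enforcing layer.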

If you discover a security vulnerability in Atrax, please report it responsibly:
- DO NOT disclose the issue publicly
- Submit details to [[email protected]]
- Allow time for the issue to be addressed before disclosure

Atrax is regularly updated to address security concerns. Make sure to:
- Keep Atrax updated to the latest version
- Subscribe to security announcements
- Regularly update all dependencies