One potential benefit of a centralized registry is that we could have server.json submitters list out all the possible tools their server may ever invoke, fingerprint them, and store those fingerpoints for MCP client consumption.
A third party vendor could scan and approve these fingerprints as devoid of security risks, like tool poisoning attacks.
MCP clients could then use the fingerprints to avoid tool poisoning attacks that get surfaced due to hidden dynamic tool calls or supply chain attacks.
One potential benefit of a centralized registry is that we could have
server.jsonsubmitters list out all the possible tools their server may ever invoke, fingerprint them, and store those fingerpoints for MCP client consumption.A third party vendor could scan and approve these fingerprints as devoid of security risks, like tool poisoning attacks.
MCP clients could then use the fingerprints to avoid tool poisoning attacks that get surfaced due to hidden dynamic tool calls or supply chain attacks.