Security

Threat model (short)

  • Developer workstation: whoever controls the OS user can read mcp.json, tray storage, and RC_API_KEY.
  • RC-API: if bound to localhost only, network exposure is limited; if remote, use TLS + auth like any internal HTTP service.
  • Local tools: MCP handlers may access the filesystem and OS APIs; only enable tools you trust.

Keys

  • RC_API_KEY: rotate on compromise; never commit to git or paste into public tickets.
  • Model provider keys: keep them in the RC-API environment or secret store, not in Cursor chat logs.
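
An added audit helper for the threat-model and key items above (example code, not part of this project). It assumes mcp.json is a JSON object with an "mcpServers" mapping whose entries may carry an "env" mapping, treats a "${VAR}" value as a reference resolved from the environment rather than a literal key, and assumes RC-API's listen address is given as a URL; the sample config is constructed.

```python
import json
import os
import stat
from urllib.parse import urlsplit

# Assumption (not from the page): mcp.json is a JSON object with an
# "mcpServers" mapping whose entries may carry an "env" mapping.
SAMPLE_MCP_JSON = json.dumps({  # constructed sample, not a real config
    "mcpServers": {
        "rc-bad": {"command": "rc-mcp", "env": {"RC_API_KEY": "literal-key-value"}},
        "rc-ok": {"command": "rc-mcp", "env": {"RC_API_KEY": "${RC_API_KEY}"}},
    }
})

LOOPBACK_HOSTS = {"127.0.0.1", "localhost", "::1"}


def is_loopback_bind(url: str) -> bool:
    """True when an RC-API listen URL (assumed form http://host:port) stays on localhost."""
    host = urlsplit(url).hostname or ""
    return host in LOOPBACK_HOSTS


def embedded_secrets(config: dict) -> list[str]:
    """Names ('server.VAR') of env entries holding a literal key instead of a ${VAR} reference."""
    hits = []
    for name, server in config.get("mcpServers", {}).items():
        for var, val in server.get("env", {}).items():
            if "KEY" in var.upper() and val and not val.startswith("${"):
                hits.append(f"{name}.{var}")
    return hits


def readable_by_others(path: str) -> bool:
    """True when group/other can read the file, i.e. someone other than the OS user could lift the key."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    return bool(mode & (stat.S_IRGRP | stat.S_IROTH))


def audit(mcp_json_text: str, rc_api_url: str) -> list[str]:
    """Collect findings for the workstation and RC-API exposure items of the threat model."""
    findings = []
    for hit in embedded_secrets(json.loads(mcp_json_text)):
        findings.append(f"literal key stored in mcp.json: {hit}")
    if not is_loopback_bind(rc_api_url):
        findings.append(f"RC-API listens beyond localhost ({rc_api_url}): require TLS + auth")
    return findings


if __name__ == "__main__":
    for line in audit(SAMPLE_MCP_JSON, "http://0.0.0.0:8080"):
        print(line)
```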

MCP stdio

  • Traffic between Cursor and the MCP server is process-local (stdio); that is not a substitute for locking down RC-API when it is exposed on the network.

Reporting

Use the security policy in the published GitHub repository when disclosing vulnerabilities.

Removed fiction

Older docs claimed enterprise RBAC matrices, mandatory TLS everywhere, TDE (transparent data encryption), and similar controls. Apply those only when you actually deploy them.