MCP Security Model

The security model starts with delegated auth and profile isolation.

Controls

  • Run agents with a dedicated profile.
  • Allowlist command groups.
  • Require structured JSON output.
  • Deny destructive commands by default.
  • Keep raw Teams content out of logs unless approved.
  • Use the planned bot mode for unattended posting under a service identity.
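
How the first five controls can be enforced at a single tool gate in front of the CLI, as an added example that is not the project's own code. The command groups and verbs, the destructive-verb list, the redacted field names, the `TEAMS_PROFILE` variable and the injected `runner` callable are all assumptions made for illustration; the real CLI surface and profile mechanism are not described on this page.

```python
"""Policy gate for an MCP server that exposes a Teams CLI to an agent.

Added example, not project code. Group, verb, field and variable names are
constructed; substitute the real ones when wiring this to an actual CLI.
"""
import json
from dataclasses import dataclass

# Allowlisted command groups and the verbs permitted in each (assumed names).
# Anything not listed here is denied.
ALLOWED_GROUPS = {"chat": {"list", "read", "send"}, "team": {"list"}}

# Verbs treated as destructive. Checked before the allowlist, so widening a
# group never silently enables them; an explicit flag is required.
DESTRUCTIVE_VERBS = {"delete", "remove", "purge", "leave"}

# Result fields that carry raw Teams content and stay out of logs by default.
REDACTED_FIELDS = {"body", "content", "text", "attachments"}

# In-memory audit log for this example; a real server would write to its sink.
audit_log: list[dict] = []


@dataclass
class Decision:
    allowed: bool
    reason: str


def check_command(argv: list[str], allow_destructive: bool = False) -> Decision:
    """Decide whether argv (e.g. ["chat", "send", "--to", ...]) may run."""
    if len(argv) < 2:
        return Decision(False, "need <group> <verb>")
    group, verb = argv[0], argv[1]
    if verb in DESTRUCTIVE_VERBS and not allow_destructive:
        return Decision(False, f"destructive verb '{verb}' denied by default")
    verbs = ALLOWED_GROUPS.get(group)
    if verbs is None:
        return Decision(False, f"group '{group}' not allowlisted")
    if verb not in verbs:
        return Decision(False, f"verb '{verb}' not allowlisted in group '{group}'")
    return Decision(True, "ok")


def parse_structured_output(raw: str) -> dict:
    """Require a JSON object from the CLI; free text is an error, never
    forwarded to the model as if it were a result."""
    try:
        data = json.loads(raw)
    except json.JSONDecodeError as exc:
        raise ValueError(f"tool did not return JSON: {exc.msg}") from None
    if not isinstance(data, dict):
        raise ValueError("tool output must be a JSON object")
    return data


def log_safe(event: dict, log_raw_approved: bool = False) -> dict:
    """Copy of a result fit for logging: content fields are replaced by their
    size unless raw logging has been approved for this call."""
    if log_raw_approved:
        return dict(event)
    safe = {}
    for key, value in event.items():
        if key in REDACTED_FIELDS:
            safe[key] = f"<redacted {len(json.dumps(value))} bytes>"
        elif isinstance(value, dict):
            safe[key] = log_safe(value)
        elif isinstance(value, list):
            safe[key] = [log_safe(i) if isinstance(i, dict) else i for i in value]
        else:
            safe[key] = value
    return safe


def run_tool(argv, runner, profile="agent-bot", allow_destructive=False,
             log_raw_approved=False) -> dict:
    """Full gate: policy check, run under a dedicated profile, require JSON,
    write a redacted audit entry. `runner(argv, env)` returns the CLI's stdout
    and is injected so the gate can be exercised without a real CLI."""
    decision = check_command(argv, allow_destructive)
    if not decision.allowed:
        return {"error": decision.reason}
    # Dedicated profile handed to the CLI via an assumed environment variable.
    result = parse_structured_output(runner(argv, {"TEAMS_PROFILE": profile}))
    audit_log.append({"argv": list(argv), "profile": profile,
                      "result": log_safe(result, log_raw_approved)})
    return result
```

The destructive check runs before the allowlist lookup on purpose: an operator who adds a verb to `ALLOWED_GROUPS` still cannot enable deletion without also passing `allow_destructive=True` on that specific call, which keeps "deny destructive by default" true even after the allowlist is edited.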