
Consider mitigating against typosquatting

Open tadasant opened this issue 6 months ago • 2 comments

Seeing as we aren't serving the use case of direct downloading of packages (like some npm install <packagename> flow), typosquatting is not a particularly notable risk.

However, we should consider blocking publication of packages within a certain edit distance of existing packages (esp. popular ones).

We may want to use #95 in the definition of "popular".

tadasant • May 27 '25 23:05

Typo squatting / homograph spoofing / Unicode normalization is a somewhat deep subject. My guess is that the deeper intent is to mitigate both search (e.g. accent insensitive) and browsing (visual similarity) attacks.

Are there rules/recommendations on how punycode MCP server names (reverse DNS names) are rendered? This is a vector for attack if tools handle the punycode.

joelverhagen • Jun 13 '25 17:06

I would say we should restrict to some reasonable subset of printable ASCII characters for server names, and that the registry should use the punycoded version of hostnames to avoid domain confusion.

connor4312 • Jun 13 '25 18:06
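The checks discussed in this thread (punycoding hostname labels, restricting names to an ASCII subset, and blocking names within an edit distance of existing ones) can be combined into one publish-time gate. The sketch below is an added example, not code from the registry or from any commenter; the allowed character set, the distance threshold of 1, the `check_publication` helper and the sample names are all assumptions.

```python
import re

# Assumed policy values: the thread does not fix a character set or a distance.
ALLOWED = re.compile(r"[a-z0-9](?:[a-z0-9._/-]*[a-z0-9])?")
MAX_DISTANCE = 1

def to_ascii(name: str) -> str:
    """Lowercase, then punycode each label so non-ASCII shows up as xn-- text."""
    segments = []
    for segment in name.lower().split("/"):
        labels = [lb.encode("idna").decode("ascii") for lb in segment.split(".")]
        segments.append(".".join(labels))
    return "/".join(segments)

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # deletion
                           cur[j - 1] + 1,              # insertion
                           prev[j - 1] + (ca != cb)))   # substitution
        prev = cur
    return prev[-1]

def check_publication(candidate: str, protected: set) -> tuple:
    """Return (accepted, stored name or rejection reason)."""
    try:
        name = to_ascii(candidate)
    except UnicodeError as exc:  # e.g. over-long label or prohibited code point
        return False, f"not encodable as IDNA: {exc}"
    if not ALLOWED.fullmatch(name):
        return False, "characters outside the allowed ASCII subset"
    for existing in protected:
        if edit_distance(name, existing) <= MAX_DISTANCE:
            return False, f"too close to existing name {existing}"
    return True, name

# Constructed sample data: how "popular" names are selected is left open above.
PROTECTED = {"io.github.example/weather", "com.example/files"}

if __name__ == "__main__":
    for cand in ("io.github.example/weathr",        # one edit away
                 "io.github.ex\u0430mple/weather",  # Cyrillic "a" homograph
                 "io.github.example/calendar"):
        print(repr(cand), "->", check_publication(cand, PROTECTED))
```

The homograph is accepted here only in its punycoded form, so it is stored and rendered as visibly different `xn--` text; rejecting any label that starts with `xn--` would be a stricter policy choice.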