Accelerating AI Agent Development on Google Cloud with JFrog MCP Registry

Developers building agentic AI on Google Cloud have powerful infrastructure at their fingertips: Gemini 3 for reasoning, Google’s Agent Development Kit (ADK) for orchestration, and a rapidly expanding ecosystem of Model Context Protocol (MCP) servers that connect agents to data and tools. So why are so many teams still waiting weeks to ship their first agent to production?

The bottleneck isn’t the technology. It’s governance. Every new MCP server a developer wants to use needs to be reviewed, and without automated tooling to vet those servers, that review lands in the security team’s queue. The result is a familiar stalemate: developers eager to build, security teams unwilling to approve what they can’t see, and a growing shadow ecosystem of unreviewed servers running under the radar of both.

JFrog MCP Registry is purpose-built to break this stalemate, giving Google Cloud teams a governed, self-serve path to MCP adoption, without asking security to accept blind trust.

The Real Cost of Ungoverned MCP Adoption

MCP servers aren’t passive data connectors. They execute commands with real privileges inside your environment. On Google Cloud, Gemini-powered agents use MCP servers to query BigQuery, interact with Google Kubernetes Engine, manage Cloud Storage, and execute complex multi-step workflows. That access is valuable. It’s also dangerous when left unmanaged.

Three risks justify security’s caution:

  • Supply chain exposure — MCP servers pulled from GitHub repositories, community catalogs, or direct vendor downloads may contain malicious code or vulnerabilities that weren’t visible at install time. Without a governance layer, developers connect agents to servers that have never been scanned.
  • Over-privileged agent access — MCP servers often grant agents broader access than any task requires. Without tool-level permissions, an agent with access to a BigQuery MCP server may be able to query, delete, or modify data far beyond its intended scope. And at machine speed, the blast radius is large.
  • Shadow AI — Blanket bans don’t stop MCP adoption; they push it underground. Developers find workarounds. MCP servers run locally on developer machines, completely outside security’s view. Gartner recommends that security leaders implement a centralized MCP server registry with layered security controls, because the answer to ungoverned adoption isn’t less access, it’s structured, auditable access.

Understanding these risks is what makes the security team’s “no” rational and a governed “yes” possible.

How JFrog MCP Registry Solves the Problem

JFrog MCP Registry is the industry’s first enterprise-scale control plane built to govern MCP servers across the full Agentic Software Supply Chain. It sits inside the JFrog AI Catalog, the single system of record for all enterprise AI assets: models, agent skills, and MCP servers, unified alongside your traditional software artifacts. Here is how the governance layers work:

Perimeter defense via JFrog Curation
JFrog Curation automatically vets every MCP server against your security, compliance, and operational policies before it can be used. Malicious or non-compliant servers are blocked at the gate, before they ever reach a developer’s machine.

Granular, tool-level permissions
JFrog MCP Registry enforces permissions at the individual tool level, not just the server level. A GCP team building a Gemini-powered analytics agent can access exactly the BigQuery read tools they need, without gaining access to tools that modify or delete data.
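
The difference between server-level and tool-level control, as an added example (not JFrog's code and not part of the original article): a gateway-side allowlist applied to MCP's JSON-RPC tools/list and tools/call messages. The policy table, the principal and server names, the tool names and the error code are all constructed for illustration.

```python
# Added example: tool-level allowlist applied to MCP JSON-RPC traffic.
# Principal, server and tool names are constructed, not a real server's tool set.
POLICY = {
    ("analytics-agent", "bigquery"): {
        "list_datasets", "get_table_schema", "run_readonly_query",
    },
}
DENIED = -32001  # constructed code in the JSON-RPC implementation-defined range


def allowed(principal, server, tool):
    # Fail closed: unknown principals, servers and non-string names get nothing.
    return isinstance(tool, str) and tool in POLICY.get((principal, server), set())


def filter_tools_list(principal, server, response):
    """Remove tools the principal may not use from a tools/list result."""
    result = dict(response.get("result", {}))
    result["tools"] = [t for t in result.get("tools", [])
                       if allowed(principal, server, t.get("name"))]
    return {**response, "result": result}


def check_tools_call(principal, server, request):
    """Return None to forward the request, or a JSON-RPC error to send back."""
    if request.get("method") != "tools/call":
        return None  # this sketch governs tool invocation only
    params = request.get("params")
    name = params.get("name") if isinstance(params, dict) else None
    if allowed(principal, server, name):
        return None
    return {"jsonrpc": "2.0", "id": request.get("id"),
            "error": {"code": DENIED, "message": f"tool not permitted: {name!r}"}}


# Constructed sample traffic.
LIST_RESPONSE = {"jsonrpc": "2.0", "id": 1, "result": {"tools": [
    {"name": "list_datasets"}, {"name": "get_table_schema"},
    {"name": "run_readonly_query"}, {"name": "run_query"}, {"name": "delete_table"},
]}}
READ_CALL = {"jsonrpc": "2.0", "id": 2, "method": "tools/call",
             "params": {"name": "run_readonly_query", "arguments": {"sql": "SELECT 1"}}}
DELETE_CALL = {"jsonrpc": "2.0", "id": 3, "method": "tools/call",
               "params": {"name": "delete_table", "arguments": {"table": "sales.orders"}}}

if __name__ == "__main__":
    visible = filter_tools_list("analytics-agent", "bigquery", LIST_RESPONSE)
    print([t["name"] for t in visible["result"]["tools"]])
    print(check_tools_call("analytics-agent", "bigquery", READ_CALL))
    print(check_tools_call("analytics-agent", "bigquery", DELETE_CALL))
```

Filtering tools/list only hides tools from the model; the tools/call check is what enforces the policy, so both belong on the same path between agent and server.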

Frictionless IDE integration
JFrog MCP Registry integrates directly with Cursor, VS Code, and Claude Code through a lightweight CLI Gateway. Developers get a self-serve catalog of pre-approved MCP servers they can connect to instantly, no security tickets, no waiting. Governance happens invisibly, at the point of request.

Complete MCP visibility
JFrog AI Catalog gives security teams a full inventory of every MCP server in use across the organization: which servers are active, what tools they expose, and what policies apply. For the first time, the CISO can answer the question that previously had no answer: what do our agents actually have access to?

Velocity and Governance Are Not a Tradeoff

When MCP governance is automated and built into the development workflow, the security review that used to slow everything down becomes invisible. Consider what changes for GCP teams:

| Stage | Without JFrog MCP Registry | With JFrog MCP Registry |
| --- | --- | --- |
| Security review | Manual ticket | Automated policy engine |
| Server discovery | Manual search across GitHub, vendor docs | Self-serve catalog inside the IDE |
| Access control | Server-level, all-or-nothing | Granular tool-level permissions |
| Visibility | No system of record | Full inventory in JFrog AI Catalog |

Your teams on Google Cloud can adopt new Gemini capabilities faster than competitors still processing manual reviews. Your security team can say “yes” to AI adoption without accepting blind trust. Your agents are only as trustworthy as what they consume, build, and ship — and JFrog governs all of it in a single source of truth.

JFrog MCP Registry is available now as part of the JFrog AI Catalog. To see how it can eliminate your security bottleneck and accelerate time-to-agent on Gemini, schedule a demo with a JFrog expert, take an online tour, or start a free trial of the JFrog Software Supply Chain Platform.