Govern and Control MCP at Enterprise Scale

A centralized MCP Registry that ensures developers and agents only use pre-vetted MCP servers with fine-grained access control at the MCP tool level.

Book a Demo

What is JFrog MCP Registry?

The JFrog MCP Registry is an enterprise-grade control plane that serves as the single source of truth for all your MCP servers, enabling AI Agents and developers to access MCP tools in a managed and governed way. With the JFrog MCP Registry, you can reduce security risk and ensure AI agents and developers cannot execute unauthorized or destructive commands using malicious MCP servers.

Learn More

Ungoverned MCPs Are Exploitable

Unsecured MCP servers expose your agentic workflows to critical security risks.

Over-Privileged AI Agent Access

Lack of granular control over MCP tools permissions allows AI agents to access sensitive internal data without restrictions. This leads to destructive operations being executed in your production environment.

Unvetted MCP Servers

Developers are using unverified MCP servers from public sources directly on their machines. This exposes your organization to supply chain attacks. Compromised tools running on localhost effectively bypass your perimeter security.

Fragmented AI Management

Without a single system of record, you are flying blind. Managing scattered permissions and local configurations across developers at enterprise scale is unmanageable and creates massive exposure, making it impossible to audit every active MCP connection.

The First Enterprise-Grade MCP Registry

The unified control plane to secure, manage, and scale your agentic software supply chain

MCP Governance at Scale

Transform the “wild west” of MCPs into a fully governed ecosystem. Control MCP servers and their tools usage with granular role-based permissions across the supply chain.

Block Unauthorized Servers

Don’t just scan – block. The only registry that proactively halts malicious and unverified MCP servers at the gate based on your security policies, neutralizing threats before they ever breach your organization.

Unified AI Registry

Stop managing AI in silos. MCP Registry is part of JFrog AI Catalog, the control plane built for all AI artifacts, unifying your custom and third-party MCP servers, agent skills, models and binaries into a single, trusted system of record.

Granular Access Control

Granular tool permissions restrict MCP usage to authorized teams and projects, preventing AI agents from accessing or modifying sensitive data beyond their scope.
mcp asset 4

Automated Policy Engine

The MCP Registry enforces governance policies based on license type, vulnerability severity, or operational risk at the point of request, proactively blocking unverified servers to neutralize supply chain risks before execution.
mcp asset 3

Secure MCP Gateway

The lightweight CLI Gateway routes local IDE connections through a secure bridge, authenticating every request to ensure AI models only interact with approved, verified MCP servers.
mcp asset 1

Integrated with Coding Agents

The JFrog MCP Registry integrates with coding agents, like Cursor and Claude Code, to enforce secure connectivity through a centralized gateway, ensuring only pre-vetted MCP servers are accessible.
mcp asset 2

How it works: The Governed Agentic Software Supply Chain

The JFrog MCP Registry provides a unified control plane that treats MCP servers as standard software artifacts, applying centralized, multi-layered governance across the entire agentic supply chain.
  • Perimeter Defense: Integrates with JFrog Curation to proactively block malicious or unverified servers before they reach your environment.
  • Local Control: Uses a Secure MCP Gateway as a local proxy to authenticate tool calls and enforce granular RBAC, preventing unauthorized data access by coding agents like Cursor or Claude Code.
  • Platform Policy: As part of the JFrog AI Catalog, it integrates natively with JFrog Artifactory for storage and JFrog Curation for policy setting, allowing you to manage AI models, agent skills, and MCP tools alongside your software dependencies on a single, unified platform.
mcp diagram

Additional Resources on Trusted AI Adoption

Solution Sheet

Trusted AI Adoption With the JFrog AI Catalog

Learn More
Whitepaper

The Tech Leader’s Guide to AI & MLOps

Learn More
eBook

Taming the Agentic Supply Chain

Learn More
Blog

The MCP Trojan Horse: AI’s Hidden
Security Risk

Learn More

Frequently Asked Questions

  • What is an MCP Registry?

    An MCP Registry is a centralized governance control plane that serves as the single source of truth for all types of Model Context Protocol (MCP) servers. It acts as a secure “supply chain firewall,” ensuring that developers and AI agents only access approved and MCP servers rather than unverified public ones.

  • Why do enterprises need an MCP Registry?

    Enterprises need a registry to eliminate uncontrolled MCP usage and gain visibility into which AI agents are connecting to internal systems, and what capabilities and permissions they are allowed to use. It automates the configuration of MCP connections across hundreds of developer environments and prevents data exfiltration by blocking unverified servers at the point of request.

  • How does an MCP Registry prevent potential threats?

    The registry neutralizes threats by preventing unvetted MCP servers from gaining operational access to internal systems. By governing the “hands” of the AI (the MCP server), it prevents agents from accessing or modifying sensitive data beyond their authorized scope.

  • What are MCP server security risks?

    Because MCP servers give AI models the ability to execute code autonomously, unmanaged servers can grant unauthorized system access or leak sensitive data. Without a registry, developers expose the organization to supply chain attacks by connecting directly to public, potentially malicious repositories.

  • How does JFrog block malicious MCP servers?

    JFrog enforces “Shift-Left” blocking at the source. The Curation-based automated policy engine validates every request against security policies (e.g., CVE scores, license types) and physically blocks the acquisition of malicious artifacts before they ever reach the developer’s machine.

  • How does MCP governance work?

    Governance is enforced via the Local MCP Gateway, a lightweight proxy that transparently handles authentication and project-based permission checks directly on the developer’s machine. This ensures that coding agents only connect to approved MCP servers explicitly authorized for the user’s specific project, preventing direct public connections and enforcing zero-trust access.

  • How is JFrog different from public MCP registries?

    Unlike public registries that serve as simple lists of links, JFrog is a platform built on three unique differentiators. We manage MCP servers as immutable binary artifacts (preventing changes), we block malicious tools at the gate before download, and we provide a unified system of record that governs your AI tools alongside your existing software supply chain.

  • Which coding agents and IDEs are supported?

    The Registry is compatible with MCP-compliant coding agents and IDEs, such as Cursor, Claude Code, and VS Code. Developers connect via a secure MCP Gateway that routes traffic to vetted internal servers, ensuring seamless integration without exposing the network to the public internet.

  • Is the MCP Registry included in the JFrog Platform?

    Yes, it is a core feature of the JFrog AI Catalog. It integrates natively with JFrog Artifactory for storage and JFrog Curation for policy setting, allowing you to manage AI models, agent skills, and MCP tools alongside your software dependencies on a single, unified platform.

Turn MCP Risk Into a Trusted Supply Chain

Book a Demo