E
Enable Specific Servers Blueprint
Boost productivity using this enable, only, specific, servers. Includes structured workflows, validation checks, and reusable patterns for mcp.
SettingClipticsmcpv1.0.0MIT
0 views0 copies
Enable Specific Servers Blueprint
Whitelist-only MCP server configuration for controlled and secure development environments.
When to Use This Setting
Apply this setting when you need to:
- Enforce a strict whitelist policy where only explicitly approved MCP servers can operate
- Comply with security requirements that mandate explicit authorization for all third-party integrations
- Create a minimal MCP environment with only essential servers for focused development workflows Consider alternatives when:
- You trust all servers in your .mcp.json and prefer to selectively block only known-risky ones
- Your team frequently adds new MCP servers and a whitelist approach creates too much administrative overhead
Quick Start
Configuration
name: enable-specific-servers-blueprint type: setting category: mcp
Example Application
claude setting:apply enable-specific-servers-blueprint
Example Output
Setting applied. Changes:
- enabledMcpjsonServers: ["memory", "github", "filesystem"]
- All servers not in whitelist are disabled
Core Concepts
Whitelist Security Model Overview
| Aspect | Details |
|---|---|
| Default Deny | All MCP servers are blocked unless explicitly listed in enabledMcpjsonServers |
| Explicit Trust | Each enabled server has been reviewed and approved for the development environment |
| Minimal Surface | Reduces the attack surface by limiting the number of active external integrations |
| Audit Trail | The whitelist serves as documentation of approved integrations for security reviews |
Whitelist Enforcement Architecture
+---------------------------+
| .mcp.json Contains: |
| - memory |
| - github |
| - filesystem |
| - web-scraper |
| - database-admin |
| - code-review |
+---------------------------+
|
v
+---------------------------+
| Whitelist Filter |
| enabledMcpjsonServers: |
| ["memory", "github", |
| "filesystem"] |
+---------------------------+
|
+----+----+
| |
v v
ENABLED BLOCKED
memory web-scraper
github database-admin
filesystem code-review
Configuration
| Parameter | Type | Default | Description |
|---|---|---|---|
| enabledMcpjsonServers | array | [] | Exclusive list of MCP server names allowed to operate |
| enabledMcpjsonServers[0] | string | "memory" | Persistent memory server for conversation context retention |
| enabledMcpjsonServers[1] | string | "github" | GitHub integration server for PR and issue management |
| enabledMcpjsonServers[2] | string | "filesystem" | File system access server for extended directory operations |
| description | string | N/A | Security rationale for the whitelist approach and server selection |
Best Practices
- Review each server before adding to the whitelist - Evaluate the server's permissions, network access requirements, and data handling before approving it. Document the review outcome for audit purposes.
- Maintain separate whitelists per project type - A frontend project may only need the filesystem server, while a full-stack project may require database and API servers. Tailor the whitelist to each project's requirements.
- Coordinate whitelist changes with the security team - In organizations with security review processes, route whitelist additions through the same approval workflow used for other third-party integrations.
- Test the whitelist in a staging environment first - Apply the whitelist to a test project and verify that all essential workflows function correctly before rolling it out to production environments.
- Include the whitelist in project documentation - Document which servers are enabled and why. This helps new team members understand the available tools and the reasoning behind the selection.
Common Issues
- New MCP server not available after installation - Installing an MCP server adds it to .mcp.json but does not add it to the whitelist. You must explicitly add the server name to enabledMcpjsonServers.
- Empty whitelist blocks all servers - If enabledMcpjsonServers is an empty array, all MCP servers are disabled. Ensure at least one server is listed if you intend to use MCP functionality.
- Server name case sensitivity - Server names are matched exactly as specified. A whitelist entry of "GitHub" will not match a server registered as "github" in your .mcp.json file.
Community
Reviews
No reviews yet. Be the first to review this template!
Similar Templates
#
Project Standards Config
Claude Code settings preset that enforces consistent coding standards. Configures TypeScript strict mode, ESLint rules, Prettier formatting, and naming conventions.
Setting
00
View ā#
Bedrock Configuration Blueprint
All-in-one setting covering configure, claude, code, amazon. Includes structured workflows, validation checks, and reusable patterns for api.
Setting
00
View ā#
Refined Corporate Preset
Production-ready setting that handles configure, proxy, settings, corporate. Includes structured workflows, validation checks, and reusable patterns for api.
Setting
00
View ā