MarketNow audited 8,764 MCP servers using gVisor, flagging critical security risks
MarketNow, a marketplace for MCP servers, has completed security audits of 8,764 servers using a multi-layer framework that includes a gVisor (runsc) sandbox at its core. Of the 206 servers that reached the gVisor stage, 69 passed cleanly, 103 failed to start due to unimplemented syscalls, and 6 were rated high-risk with critical findings; 3 servers were removed for leaking environment variables. During audits, one server attempted a ptrace() call and another attempted bpf(), both blocked by gVisor returning permission or unsupported-syscall errors. The team notes that roughly 50% of MCP servers fail under gVisor due to syscall incompatibility, and uses a strict seccomp profile as a fallback when gVisor is unavailable. MarketNow plans to upgrade to Firecracker microVM isolation by Q1 2027, pending the need for KVM access currently unavailable on standard CI runners.
This is an AI-generated summary. ShortSingh links to the original source for the complete article.


Discussion (0)
Log in to join the discussion and vote.
Log in