The docs MCP server is read-only
Our documentation MCP server only searches and returns docs. It has no access to your keys, account, or funds, and it can’t move assets. Connecting it is safe.Use least-privilege API keys
Give AI-assisted code only the access it needs. Scope keys with permission groups, and start with read-only keys while you explore. Keep internal and external transfer permissions in separate permission groups and keys.Keep a human in the loop for asset movement
Withdrawals and external transfers require quorum approval by design—never let an agent approve them. Treat every asset-moving action as human-approved, not automated. See vault policies and the move money overview.Protect keys and signing material
Never paste API keys, private keys, or signing secrets into a prompt or chat. Keep them out of your AI tool’s context and in your secrets manager. Sensitive endpoints require an Ed25519 signature—generate signatures in your own environment. See Request signing.Treat AI output as untrusted
- Review generated code before you run it.
- Test against the sandbox before production.
- Watch for prompt injection: content an agent fetches from the web can carry hidden instructions, so don’t act on it blindly.
- Verify before you sign or broadcast any transaction.