Skip to main content

AtomicMCP security

AtomicMCP gives an AI client controlled access to supported Atomicat workflows. Treat it like any other powerful workspace connection: useful, but something that needs clear access rules and human review.

Authentication​

When you connect AtomicMCP, sign in with your own Atomicat account. Do not share your Atomicat password, Google sign-in, or browser session with another user.

If a teammate needs AtomicMCP, they should connect using their own account and the permissions assigned to them in Atomicat.

Workspace scope​

AtomicMCP works within the Atomicat workspace you authorize. If you manage multiple workspaces or brands, confirm you are signed in to the correct one before connecting.

What not to paste into prompts​

Do not paste:

  • Passwords or recovery codes.
  • API keys, private tokens, or webhook secrets.
  • Payment card data.
  • Private customer records that are not needed for the task.
  • Health, financial, or other regulated personal information.
  • Confidential partner contracts or unreleased legal terms.

If the AI client needs context, summarize it instead of pasting sensitive raw data.

Human review is required​

Always review AI-assisted output before you publish, export, delete, or change live assets.

Review especially carefully when the task affects:

  • Page copy and compliance claims.
  • Funnel structure.
  • DNS, domain, or hosting decisions.
  • Lead exports.
  • Webhooks and integrations.
  • Tracking, analytics, or attribution decisions.

Connector hygiene​

  • Connect AtomicMCP only in AI clients you trust.
  • Remove access when a tool or teammate no longer needs it.
  • Reconnect when Atomicat shows an update is available.
  • Keep browser and desktop AI clients updated.
  • Prefer company-approved accounts for team work.

Frequently asked questions​

Can the AI client act without my prompt?

AtomicMCP is designed around user-initiated conversations. Still, you should review tool outputs and confirmations carefully before accepting changes.

Should I use AtomicMCP for legal or compliance review?

Use it for drafting and checklists, not final approval. Legal, compliance, and policy-sensitive claims should be reviewed by your team or advisor.