> ## Documentation Index
> Fetch the complete documentation index at: https://docs.mem.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Security best practices

> Securely connect AI tools to Mem with MCP

When connecting AI tools to Mem through MCP, follow these practices to reduce risk and keep control over write actions.

## Verify official Mem MCP endpoints

Use only these domains:

* `https://mcp.mem.ai/mcp`
* `https://mcp.mem.ai/.well-known/...`
* `https://api.mem.ai/...` and `https://mem.ai/...` during OAuth flow

## Use trusted clients and connectors

Install MCP clients from trusted sources and double-check connector URLs before approving access.

## Keep human confirmation enabled for writes

For destructive actions (for example deleting notes or collections), keep approval steps enabled in your client workflow.

## Use a dedicated workspace or test account when possible

If you need stricter operational boundaries, connect MCP in a workspace or account with only the data you want tools to access.

## Treat prompts as untrusted input

Prompt injection can try to make agents exfiltrate or modify data. Review tool calls and approvals before execution.

## Keep tokens and session state private

Do not share bearer tokens or local MCP auth/cache files.