MacOS Installation

Gatekeeper Security Warning on First Launch

When the user double-clicks the MCP Endpoint Shield Installer, macOS may display a warning stating that the application could not be verified and was blocked to protect the system.

This is expected behaviour for applications distributed outside the Mac App Store.

User Action (Required):

1. Open System Settings

2. Navigate to Privacy & Security

3. Scroll to the Security section

4. Click Open Anyway for mcp-endpoint-shield

Allowing the Application in Privacy & Security

This screen confirms that the user has explicitly approved the installer. Once approved, macOS will allow the installer to run normally.

No administrator privileges are required at this stage.

Installer Wizard – Introduction Screen

After approval, the installer wizard launches.

The introduction screen explains:

• What MCP Endpoint Shield does

• The installation location (user directory)

• That no root or administrator permissions are required

Click Continue to proceed.

Installation Type Confirmation

Click Install to begin installation.

This screen confirms:

• Disk space required

• Installation scope (current user only)

• Target disk (e.g., Macintosh HD)

Background Item Registration

After installation, macOS displays a notification indicating that mcp_endpoint_shield.sh has been added as a background item.

This means:

• MCP Endpoint Shield runs automatically in the background

• It starts on user login

• It can be managed via Login Items & Extensions

This is required for continuous endpoint monitoring.

Folder Access Permissions (Optional)

After installation, MCP Endpoint Shield may request permission to access specific folders in the user’s home directory:

• Desktop

• Documents

• Downloads

These permissions are used to:

• Scan MCP-related files

• Validate configurations

• Monitor relevant artifacts within the user environment

User Choice:

• Allow – Enables folder-level scanning

• Don’t Allow – Skips access to that folder