Security
UI Component Isolation
Fractal renders every component inside an isolated iframe. This creates a secure sandbox that:
- Prevents components from accessing data outside their iframe
- Blocks the main application from seeing inside component iframes
- Ensures complete isolation between components and host applications
Since Fractal effectively transforms any chat application into a browser capable of running arbitrary code, security isolation is critical.
Data Flow Control
Communication between components and the host application uses a controlled messaging protocol with strict limitations:
- Current release: Only lifecycle management messages are permitted
- Upcoming release: Selective data sharing controls will allow marking specific data as non-sensitive, enabling richer agent interactions while maintaining security
MCP Server Protection
Fractal-powered MCP servers include built-in authentication that restricts access to:
- localhost connections
- Fractal MCP proxy requests only
This default configuration protects your server from unauthorized access while maintaining seamless integration with the Fractal ecosystem.