The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for MCP Dev Summit Mumbai to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration..
IMPORTANT NOTE: Timing of sessions and room locations are subject to change.
Sign up or log in to add sessions to your schedule and sync them to your phone or calendar.
Elicitation is one of MCP's most powerful and least governed features. It lets servers request additional input from users at runtime, enabling richer, more dynamic agent interactions. But in production environments, elicitation also opens a surface for agents to request sensitive data they shouldn't need, bypass approval flows, or trigger unintended actions under the guise of a helpful prompt. This session examines elicitation as a runtime governance problem: what it is at the protocol level, where the security boundary sits between server and client, and how to enforce limits on what agents can elicit without neutering the feature entirely. Drawing on real implementation experience, the talk covers policy patterns for elicitation scope control, audit logging of elicitation events, and the UX tradeoffs of locking it down. Attendees will leave with a clear framework for deciding when elicitation is safe, when it needs guardrails, and how to implement those guardrails in a running MCP deployment.
