1 comment

[ 4.4 ms ] story [ 15.9 ms ] thread
This is an article that rehashes a fact that has been known for a long time: when you give an AI permissions to do anything beyond read-only stuff to an MCP server, you better be careful.

We’re currently in the “prioritize features/functionality over security” phase with AI, I believe things will get formalized in a few years and this problem will get solved.

In the meantime, be careful.