1 comment

[ 3.2 ms ] story [ 10.0 ms ] thread
> Run an MCP server in Google Cloud

> Deploy to Google Kubernetes Engine (GKE)

It can take only one developer on your team to install a malicious NPM package to summon Shai-Hulud once again and then steal your credentials and breach your MCP server.

After that what else could possibly go wrong?