6 comments

[ 3.0 ms ] story [ 24.8 ms ] thread
Just a note for everyone on HN. I am now hiding all LLM related stories like this one and have no regrets. Actually my front page looks pretty good now, with varied and interesting stories like back in the day.
Slop. One of the arguments is that an MCP can do prompt injection via the tool descriptions. How the fuck is this on the front page.
When I see anything that says "using it wrong" and saw the number of security issues and exploited MCP servers, that was everything I needed to know about how terrible MCP is as a standard.

Just as bad, if not worse than JWTs.

You should learn about RAG.

Then have whatever ai you used rewrite it with that knowledge.

So obviously written by AI. E.g.:

"Documentation is where MCP quietly does its best work, and where much of the criticism misses the mark."

MCP = Model Context Protocol, a framework that lets LLMs talk to external tools and sources