Y
Hacker News
new
|
ask
|
show
|
jobs
by
tuananh
432 days ago
it still is. if user has 1 bad tool, it's done!
https://invariantlabs.ai/blog/mcp-security-notification-tool...
1 comments
joshwarwick15
432 days ago
Its the same security model as NPM/left pad yep, but consumers still use electron apps? It's a novel attack method, but its not a novel attack surface
link