by simba-k
436 days ago
MCP's "security nightmare" and tool poisoning is all due to people downloading and `exec`ing random untrusted executables. I mention and link it in the article. Same would be true if you downloaded a random REST server, ran it on your computer, and started doing random cURLs to it. MCP over HTTP is just REST for LLMs. I agree that the current ecosystem pushes for insecure use of MCP, but if we move to using trusted HTTPS-hosted services with OAuth (which is all in the spec), the security issues would be on par with any REST service.