by Tokumei-no-hito 332 days ago
that's reductive. this is effectively a disclosure. do you consider every disclosure write up an "ad" for the security researcher?

I do if their "mitigation" looks like this:

> 1 · Deploy an MCP Guard (three-command setup)

> A guardrail can help protect every tool call with a protective layer that blocks malicious or out-of-policy instructions in real time. Here is how to install the GA MCP guard which is open-source and requires no billing.

> $ pip install generalanalysis # install the guard

> $ ga login # browser-based auth

> $ ga configure

> MCP Guard protection enabled

great point. sorry I didn't realize it was reaching out to their servers. that's no longer equivalent to an open patch.
so if a security researcher comes up with a free open-source patch which, presently, is the only available solution, then they should just keep that to themselves?

it's an evolving field. if Anthropic doesn't have a solution, should we just not do anything?

What this "open source patch" does is to set up a proxy server on your machine and route your requests to their server first for moderation.

Do I really need to explain why this is a bad idea? Honestly this post should be flagged by HN as a phishing attempt, if anything. (But it won't be, as this company is YC-backed...)

> if Anthropic doesn't have a solution, should we just not do anything?

A solution to what? This article describes a theoretical scenario where a theoretical user misuses a system. If you give an LLM tool some permissions, it will do things that are permitted but probably not expected by you. It's a given.

It's like asking Amazon to have a "solution" for users who post their AWS access tokens online.

The real problem here is the very existence of Stripe MCP. It's a ridiculous idea. I'm all for raising awareness of that, but it's not an excuse to fearmonger readers into adding yet another AI tool onto their tech stack.