[Tokumei-no-hito]

so if a security researcher comes up with a free open source patch which, presently, is the only available solution then they should just keep that to themselves?

it's an evolving field. if anthropic doesn't have a solution should we just not do anything?

[raincole]

What this "open source patch" does is to set up a proxy server on your machine and route your requests to their server first for moderation.

Do I really need to explain why this is a bad idea? Honestly this post should be flagged by HN as phishing attempt, if anything. (But it won't, as this company is YC-backed...)

> if anthropic doesn't have a solution should we just not do anything?

A solution to what? This article describes a theoretical scenario where a theoretical user misuses a system. If you give LLM tool some permissions, it would do things that are permitted but probably not expected by you. It's a given.

It's like asking Amazon to have a "solution" for users who posts their AWS access tokens online.

The real problem here is the very existence of Stripe MCP. It's a ridiculous idea. I'm all for raising awareness of that, but it's not an excuse to fearmonger readers into adding yet another AI tool onto their tech stack.