|
|
|
|
|
|
by mcpmarketplace
113 days ago
|
|
|
This resonates. Pattern 2 (full agent isolation) handles the runtime threat, but there's a gap upstream. The MCP ecosystem has thousands of servers now and zero vetting. You find a repo, hope it's legit, and give it system access. Sandboxing won't help if the tool itself is designed to exfiltrate data through legitimate-looking API calls. The missing layer is pre-installation scanning. Runtime isolation + supply chain vetting together is the real answer. |
|
|