by krzyk 92 days ago
Not sure. Our big org banned MCPs because they are unsafe, and they have no way to enforce only certain MCPs (in GitHub Copilot).

But skills where you tell the LLM to shell out to some random command are safe? I'm not sure I understand the logic.
You can control an execution context in a superior manner to a rando MCP server.

MCP Security 2026: 30 CVEs in 60 Days - https://news.ycombinator.com/item?id=47356600 - March 2026

(securing this use case is a component of my work in a regulated industry and enterprise)

I think big companies already protect against random commands causing damage. Work laptops are tightly controlled for both networking and software.
They are not either, but I like that they didn't ban those; we can use agents thanks to that.
Isn’t it possible to proxy LLM communication and strip out unwanted MCP tool calls from conversations? I mean if you’re going to ban MCPs, you’re probably banning any CLI tooling too, right?
Nope, a random MCP server where no one looks into its code is a bit more unsafe than a command you see (and can approve) executed in a shell you control. In the case of MCP it can do anything, and you don't see it.
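The two comments above describe the same control from opposite sides: proxying the MCP traffic and stripping tool calls that were not approved, and only letting through servers and tools someone has actually looked at. The block below is an added example of such a proxy-side allowlist filter, not code from this thread or from any product mentioned in it. The JSON-RPC 2.0 framing and the `tools/list` / `tools/call` method names are those of the Model Context Protocol; the policy format, the server identifiers and all sample messages are constructed for illustration.

```python
"""Allowlist filter for MCP JSON-RPC traffic passing through an enterprise proxy.

Added example (constructed policy, server ids and messages). Two checks:
  * client -> server requests: a ``tools/call`` to a tool or server that is
    not on the allowlist is answered with a JSON-RPC error instead of being
    forwarded;
  * server -> client ``tools/list`` results: non-allowlisted tools are removed
    so the model never learns they exist.
"""
from typing import Any

# Constructed policy: which tools each approved server may expose.
# Servers absent from the policy are denied entirely.
POLICY: dict[str, set[str]] = {
    "internal-jira": {"search_issues", "get_issue"},
    "internal-docs": {"search_docs"},
}

# JSON-RPC 2.0 reserves -32000..-32099 for application-defined errors.
ERR_DENIED = -32000


def _error(req_id: Any, message: str) -> dict[str, Any]:
    """Build the JSON-RPC error the proxy returns in place of a denied request."""
    return {"jsonrpc": "2.0", "id": req_id,
            "error": {"code": ERR_DENIED, "message": message}}


def filter_request(server_id: str, request: dict[str, Any],
                   policy: dict[str, set[str]] = POLICY) -> tuple[bool, dict[str, Any]]:
    """Decide whether a client->server request may be forwarded.

    Returns (forward, message). When forward is False, message is the error
    response to send back to the client; the request never reaches the server.
    """
    req_id = request.get("id")
    allowed_tools = policy.get(server_id)
    if allowed_tools is None:
        return False, _error(req_id, f"server {server_id!r} is not approved")
    if request.get("method") == "tools/call":
        params = request.get("params")
        tool = params.get("name") if isinstance(params, dict) else None
        if tool not in allowed_tools:
            return False, _error(req_id, f"tool {tool!r} is not allowed on {server_id!r}")
    return True, request


def filter_tools_list(server_id: str, response: dict[str, Any],
                      policy: dict[str, set[str]] = POLICY) -> dict[str, Any]:
    """Strip non-allowlisted tools from a server->client tools/list result."""
    allowed_tools = policy.get(server_id, set())
    result = response.get("result") or {}
    kept = [t for t in result.get("tools", []) if t.get("name") in allowed_tools]
    filtered = dict(response)
    filtered["result"] = {**result, "tools": kept}
    return filtered


if __name__ == "__main__":
    # Constructed sample traffic.
    ok_call = {"jsonrpc": "2.0", "id": 1, "method": "tools/call",
               "params": {"name": "get_issue", "arguments": {"key": "PROJ-1"}}}
    bad_call = {"jsonrpc": "2.0", "id": 2, "method": "tools/call",
                "params": {"name": "delete_issue", "arguments": {"key": "PROJ-1"}}}
    listing = {"jsonrpc": "2.0", "id": 3, "result": {"tools": [
        {"name": "get_issue"}, {"name": "delete_issue"}, {"name": "search_issues"}]}}
    print(filter_request("internal-jira", ok_call))
    print(filter_request("internal-jira", bad_call))
    print(filter_request("random-weather", ok_call))
    print(filter_tools_list("internal-jira", listing))
```

Denials are returned as well-formed JSON-RPC errors so the client keeps working, and the same decision point is where a proxy would write its audit log; filtering `tools/list` as well matters because a tool the model never sees is one it will not try to call.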
Shameless plug: I'm working on a product that aims to solve this: https://www.gatana.ai/
Who isn't?
We only allow custom MCP servers.