by discreteevent
78 days ago

> It's not a bug, it's fundamentally just a facet of its (LLM/human) general nature

Fair enough but then that means that MCP is not "a bit like asking if "an API" was a critical link in some cybersec incident" Because I can secure an API but I can't secure the "(LLM/human) general nature."

The security risk here is the LLM, not the MCP, and you cannot secure the LLM in such a system any more than you can secure a user - unless you put that LLM there and own it, at which point it becomes a question of whether it should've been there in the first place (and the answer might very well be "yes").