by yjcho9317
75 days ago
I built and shipped an MCP server (NAVER WORKS integration), so I've been on both sides of this. My server talks to a corporate messaging API; one bad tool call could blast messages to an entire org. I ended up writing input validation for every single tool by hand because there's no standard for it. Even then, Claude Code will happily call tools in a loop with hallucinated parameters. Saw it happen more than once. Rate limiting would've probably stopped most of that, but MCP doesn't really give you a clean place to enforce it. I also got the server listed on mcp.so and mcpservers.org with basically zero review. It's closer to a directory than anything else. I do mobile app security for a living (banking apps), and yeah, same story there. You can't rely on the thing executing the action to control itself.
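The comment above describes two server-side controls it had to hand-roll: a strict argument check for every tool and a rate limit on tool calls. The following is an added example, not code from the original comment or from the author's NAVER WORKS server, showing a gate that sits in front of every tool handler and applies both controls before the messaging API is ever touched. The tool name `send_message`, the `channel_id` format, the 2000-character text cap and the bucket sizes are assumptions chosen for illustration, and the handler records sends in a list instead of calling a real API.

```python
"""Added example (not the original commenter's code): a server-side gate for
MCP-style tool calls that validates each tool's arguments against a hand-written
spec and rate-limits calls per tool, so a client looping with hallucinated
parameters is stopped on the server. Tool names, schemas and limits are hypothetical."""

import re
import time


class ToolCallRejected(Exception):
    """Raised by the gate; the underlying tool handler is never reached."""


class TokenBucket:
    """Burst of `capacity` calls, refilled at `refill_per_sec` tokens per second.
    `now` is injected so the limiter can be driven with a fake clock in tests."""

    def __init__(self, capacity: int, refill_per_sec: float, now: float):
        self.capacity = capacity
        self.refill_per_sec = refill_per_sec
        self.tokens = float(capacity)
        self.last = now

    def take(self, now: float) -> bool:
        self.tokens = min(self.capacity, self.tokens + (now - self.last) * self.refill_per_sec)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False


CHANNEL_ID = re.compile(r"^[A-Za-z0-9_-]{1,64}$")  # hypothetical channel ID format


def validate_send_message(args: dict) -> dict:
    """Allow-list validator for a hypothetical send_message tool: unknown keys,
    missing keys, wrong types, empty or oversized text and malformed IDs are all
    rejected, which is what hallucinated parameters usually look like."""
    allowed = {"channel_id", "text"}
    extra = set(args) - allowed
    if extra:
        raise ToolCallRejected(f"unexpected parameters: {sorted(extra)}")
    missing = allowed - set(args)
    if missing:
        raise ToolCallRejected(f"missing parameters: {sorted(missing)}")
    channel_id, text = args["channel_id"], args["text"]
    if not isinstance(channel_id, str) or not CHANNEL_ID.match(channel_id):
        raise ToolCallRejected("channel_id is not a valid channel identifier")
    if not isinstance(text, str) or not text.strip():
        raise ToolCallRejected("text must be a non-empty string")
    if len(text) > 2000:
        raise ToolCallRejected("text exceeds 2000 characters")
    return {"channel_id": channel_id, "text": text}


# Hypothetical registry: tool name -> (validator, burst size, refill per second).
TOOL_SPECS = {
    "send_message": (validate_send_message, 5, 0.5),
}


class ToolGate:
    """Wraps every tool handler: validate first, then rate-limit, then call."""

    def __init__(self, handlers: dict, specs: dict = TOOL_SPECS, clock=time.monotonic):
        self.clock = clock
        self.handlers = handlers
        self.validators = {}
        self.buckets = {}
        now = clock()
        for name, (validator, burst, refill) in specs.items():
            self.validators[name] = validator
            self.buckets[name] = TokenBucket(burst, refill, now)

    def call(self, name: str, args: dict):
        if name not in self.handlers or name not in self.validators:
            raise ToolCallRejected(f"unknown tool: {name}")
        clean = self.validators[name](args)            # reject bad input first...
        if not self.buckets[name].take(self.clock()):  # ...then throttle what is left
            raise ToolCallRejected(f"rate limit exceeded for {name}")
        return self.handlers[name](**clean)


def demo() -> dict:
    """Drive the gate with a fake clock and a recording handler (constructed
    input, no real messaging API). Returns counts so the outcome can be checked."""
    sent, rejected, fake_time = [], [], [0.0]
    gate = ToolGate({"send_message": lambda channel_id, text: sent.append((channel_id, text))},
                    clock=lambda: fake_time[0])
    # A client looping 20 times: the first call carries a hallucinated key, the rest are valid.
    calls = [{"channel_id": "ch-1", "text": "hi", "to_everyone": True}] + \
            [{"channel_id": "ch-1", "text": f"msg {i}"} for i in range(19)]
    for args in calls:
        try:
            gate.call("send_message", args)
        except ToolCallRejected as e:
            rejected.append(str(e))
    fake_time[0] = 10.0  # ten seconds later the bucket has refilled to its 5-call burst
    gate.call("send_message", {"channel_id": "ch-1", "text": "after cooldown"})
    return {"sent": len(sent), "rejected": len(rejected), "first_reason": rejected[0]}
```

Validation runs before the bucket is charged, so malformed calls never consume quota and the limiter only meters calls that would actually reach the API; with a 5-call burst and 0.5 tokens per second, a runaway loop gets 5 sends out and the rest are refused until the bucket refills.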