HackerTrans
TopNewTrendsCommentsPastAskShowJobs

mavzer

16 karmajoined 2 years ago
security engineer

Submissions

The State of MCP Security [pdf]

canopii.dev
36 points·by mavzer·yesterday·4 comments

Show HN: A Trust Index for MCP Servers

index.canopii.dev
1 points·by mavzer·2 days ago·0 comments

comments

mavzer
·15 hours ago·discuss
100%!! All AI tooling (MCPs, skills, models etc) has to go through the same scrutiny applied to any other web service. But as always, security is an afterthought that comes back to bite.
mavzer
·yesterday·discuss
Nice. Basically, I see 3 ways the MCP ecosystem converging

- Centralized, well trusted sources for MCP servers - Technical people like you creating their own, private MCPs for specific use cases - An MCP governance layer that brings a bit of sense into this new world

Otherwise, it’s a security time bomb. We already see MCP specific attacks out in the wild.
mavzer
·yesterday·discuss
https://index.canopii.dev

Part of my job is to approve / reject MCP servers based on how secure they are and whether they are suitable for use in an enterprise environment. I was tired of my team being called the bottleneck to AI adoption, so I set out to automate the whole process.

I periodically collect the MCP servers and every new version from the Official MCP registry and assign them a score based on 29 distinct criteria like runtime guardrails (e.g. destructive tools, over broad permissions, rug pulls), SAST scans and transport & trust model.

As a result of this exercise, I found that 1 in every 10 MCP servers is pretty much unusable (score 40/100 or below). 18% of the popular MCP servers with 1000+ GitHub stars contain one or more security issues. 184 servers to date have changed their tool definitions after publication, which may indicate a "rug pull" attack.

I built this for security minded people who also want to be at the forefront of AI adoption and for security teams who are tired to be called the bottleneck.

Browsing the index is completely free, you only have to request an API key if you want automated, programmatic lookups for any workflow.

Feedback is always welcome!