CLIs live in the same namespace as the agent, so any secrets the CLI needs access to, the agent can also exfiltrate. And access control is lightly gated by the agent's tool call policy.
For an enterprise-level deployment, it becomes quickly desirable to have a centralized MCP backbone, on which each MCP is attached to. A place you can attach policies to, log activity, and reason about access control.
Maybe. This phenomenon of security holes being found closely to each other was also common before LLMs. People attention gets directed to a place and typically more issues are getting found.
Andreessen hits a point when he says what foreign government knew full well that they where spied upon. We have to remember that those revelations are for the public.
Given how easy it was for Snowden to acquire these documents it's not far fetched to think that the other groups of power already had access to them. And they are collaborating with the US anyways.
Politicians cry outrage to calm down the public. As if they where the victims. Funny how they never talk about what counter-measures could be applied. Shouldn't it be our countries responsibility to ensure that the Internet is not bugged at least in the realm of the country ?
CLIs live in the same namespace as the agent, so any secrets the CLI needs access to, the agent can also exfiltrate. And access control is lightly gated by the agent's tool call policy.
For an enterprise-level deployment, it becomes quickly desirable to have a centralized MCP backbone, on which each MCP is attached to. A place you can attach policies to, log activity, and reason about access control.