Cursor and Supabase MCP = private SQL tables leakedgeneralanalysis.com6 points·by lunw·ปีที่แล้ว·1 comments
lunw·12 เดือนที่ผ่านมา·discuss- imessage MCP: built by Anthropic - Claude Desktop: has dev keys - Stripe: just executing bad requests - avg devs: claude goes brr - CISOs: should be concerned
lunw·ปีที่แล้ว·discussCo-founder of General Analysis here. Technically this is not a responsibility of Supabase MCP - this vulnerability is a combination of:1. Unsanitized data included in agent context2. Foundation models being unable to distinguish instructions and data3. Bad access scoping (cursor having too much access)This vulnerability can be found almost everywhere in common MCP use patterns.We are working on guardrails for MCP tool users and tool builders to properly defend against these attacks.
lunw·ปีที่แล้ว·discussNice to see some cool jailbreaks being worked on. Hope people patch it soon so we can look at the methodology.