rvz last Saturday at 6:34 PM

Well you’re really going to love this expert blog post series on the flaws of MCPs and how they are exactly exploited. (I’m not the author) [0]

But as always in times of lots of hype, this gets no attention and no-one cares.

[0] https://www.tramlines.io/blog


Replies

simonw last Saturday at 6:50 PM

Those all appear to be thinly disguised sales pitches for their Tramlines product.

They also look to be selling the kind of filtering/guardrails solution that I argue in my talk doesn't actually work. (Update: that's a little unfair, I had a look and a bunch of their rules are at least deterministic, like making sure DELETE isn't present in a call made to a database MCP.)

If you're looking for credible sources on MCP and prompt security that aren't my blog, I strongly recommend https://embracethered.com/blog/

seanhunter last Saturday at 6:53 PM

That’s just blogvertising. The fact that you think that’s an expert take harms your credibility.