Those all appear to be thinly disguised sales pitches for their Tramlines product.

They also look to be selling the kind of filtering/guardrails solution that I argue in my talk doesn't actually work. (Update: that's a little unfair, I had a look and a bunch of their rules are at least deterministic, like making sure DELETE isn't present in a call made to a database MCP.)

If you're looking for credible sources on MCP and prompt security that aren't my blog, I strongly recommend https://embracethered.com/blog/