A deep-dive into the security posture of real-world AI agent deployments — and the open-source tool I...
A deep-dive into the security posture of real-world AI agent deployments — and the open-source tool I built to fix it.
TL;DR
I collected 1,200 real MCP (Model Context Protocol) configuration files from public GitHub repositories, scanned them with an open-source security tool I built, and found that:
100% had security gaps
20.7% had CRITICAL or HIGH issues (hardcoded secrets, unauthenticated endpoints, unrestricted shell execution)
Over the past few weeks, I've been spending a lot of time looking at the security of AI agents. Not...
We built mcp-customs, a free, offline CLI that checks an MCP server for common security risks before...
OX Security confirmed arbitrary command execution on six live platforms and estimates 200,000 MCP servers are exposed. Here's how…
GitHub is scanning Model Context Protocol servers for prompt injection, malicious tools, and supply chain risks. Here is what the…
The MCP ecosystem grew faster than anyone could audit it. Now there's a tool trying to catch up — and...
MCP Security Crisis: Two Open-Source Frameworks Solving the Agent Security Problem 9.93%...
