The npm incident, but for AI agents
Remember when malicious npm packages stole crypto wallets? The same thing is coming for MCP servers.
An MCP server runs with full access to:
Your filesystem (~/.ssh/id_rsa, ~/.aws/credentials)
Your network (exfiltrate data)






