MCP Security Risks Multiply With Each New Agent Connection

Описание: Anthropic's Model Context Protocol (MCP) has become the standard for connecting AI agents to tools and data, but its security has lagged behind. In The New Stack Agents podcast, Tzvika Shneider, CEO of API security startup Pynt, discussed the growing risks MCP introduces. Shneider sees MCP as a natural evolution from traditional APIs to LLMs and now to AI agents. However, MCP adds complexity and vulnerability, especially as agents interact across multiple servers.

Pynt’s research found that 72% of MCP plugins expose high-risk operations, like code execution or accessing privileged APIs, often without proper approval or validation. The danger compounds when untrusted inputs from one agent influence another with elevated permissions. Unlike traditional APIs, MCP calls are made by non-deterministic agents, making it harder to enforce security guardrails. While MCP exploits remain rare for now, most companies lack mature security strategies for it. Shneider believes MCP merely highlights existing API vulnerabilities, and organizations are only beginning to address these risks.

Here's the full article to go along with the video: https://thenewstack.io/mcp-security-r...

Learn more from The New Stack about the latest in Model Context Protocol:

Model Context Protocol: A Primer for the Developers
https://thenewstack.io/model-context-...

Building With MCP? Mind the Security Gaps
https://thenewstack.io/building-with-...

MCP-UI Creators on Why AI Agents Need Rich User Interfaces
https://thenewstack.io/mcp-ui-creator...

Join our community of newsletter subscribers to stay on top of the news and at the top of your game. https://thenewstack.io/newsletter/