(no title)
Ronrey
|
13 days ago
Running MCP tools in production — the security gap isn't theoretical. The spec gives you a tool execution model with no opinion on who gets to call what, or how you scope access when tools span multiple services. WebMCP inherits all of that plus exposes it to every page visitor's browser. The protocol needs an auth and permissions story before it's a standard.
No comments yet.