Also, MCP is a serious security disaster. *Too* simple, I'd wager. | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		smokel 4 months ago \| parent \| context \| favorite \| on: OpenAI are quietly adopting skills, now available ... Also, MCP is a serious security disaster. Too simple, I'd wager.

valzam 4 months ago | [–]

Id argue that this isn't so much a fault of the MCP spec but how 95% of AI 'engineers' have no engineering background. MCP is just an OpenAPI spec. It's the same as any other API. If you are exposing sensitive data without any authz/n that's on the developer.

sam_lowry_ 4 months ago | | [–]

complex is synonym of insecure

brazukadev 4 months ago | [–]

MCP biggest problem is not being simple

Consider applying for YC's Summer 2026 batch! Applications are open till May 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact