Whether this statement does hold or not depends a lot on your personal worldview:
- How do you define "malicious"?
- Is Microsoft a malicious [in the sense of your previous answer] actor (or not)?
- What is the result of your risk assessment that Microsoft will become malicious in the future?
The chance that they become a hostile actor to my business is effectively zero. Certainly among the lowest chances of any email provider.
I guess the same holds for this malicious (?) single developer.
Microsoft sees and treats their end users simultaneously as adversaries, as incompetent children, and as data cows to be milked without genuine informed consent for Microsoft's own profit, not as customers deserving of respect, dignity, and autonomy.
And I consider myself a lazy person. Using 3rd-party libraries is just more of a headache and time sink sometimes.
Still vulnerable to prompt injection of course, but I don't connect LMs to my main browser profile, email, or cloud accounts either. Nothing sensitive.
It's the other way around: Codex started with TS, then rewrote it in Rust.
https://www.linkedin.com/posts/eito-miyamura-157305121_we-go...
Some people do this without thinking much about it. Not all of us. This is not normal nor ok.
Predicting this kind of attack was easy. Many of us probably did. (I did.) This doesn't make me feel much better though, since (a) I don't relish when lazy or ignorant people get pwned; (b) there are downstream effects on uninvolved people; and (c) there are classes of attacks that are not obvious to you or me.
Stay suspicious, stay safe. There are sharks in the water. With frikin' laser beams on their heads too.
That said, installing any package is a liability, whether it's a library or an mcp server.
I keep seeing this pattern in articles: "Did you know that if you point the gun at your foot and pull the trigger, yOu ShOoT yOuRsElF iN tHe FoOt??!? I couldn't believe it myself!! What a discovery!!1!"
Are people really this oblivious or are these articles written about non-issues just to have written 'content'?
It’s an AI, it must be perfect! /s
The answer to your gun analogy is false because it assumes basic knowledge of a gun. This is part of why so many kids shoot themselves or family members with guns: because they don't know that if you pull the trigger something violent will happen until they are taught it.
And that if that happens ‘smart’ people will tell you that it was really dumb to do that!!?!
Articles like this are intended to serve the latter group of people.
And it’s true, AI agents with MCP servers are pretty much unsafe by design, because security was never considered from the start. Until that changes, if it ever even does, the best thing to do is to inform.
hdjdndndba•1h ago
nativeit•1h ago
bonsai_spool•1h ago
oasisbob•19m ago
If you point out the excessive length, the rhetorical flaws, and the obvious idiomatic tics of AI writing people don't tend to want to hear it.
When authors had to do the work, you'd notice your article approaching 1900 words and feel the natural need to cut redundant platitudes like this:
> The postmark-mcp backdoor isn't just about one malicious developer or 1,500 weekly compromised installations. It's a warning shot about the MCP ecosystem itself.
An AI feels no such need, and will happily drag their readers through a tiresome circuitous journey.