Great article that outlines some of the attack vectors of the Model Conext Protocol. I’ve been playing around with it recently in Claude Code and by attempting to integrate it into the llm CLI by simonw. 

As with any dependency, it’s good to vet the source before using it. Same is true for mcp servers, which are usually docker containers, npm or python tools.