undefined | Better HN

0 pointstehryanx11mo ago0 comments

I appreciate your responses here. The thing that still really stands out to me as a completely novel risk in this framework is that the extension is automatically seeking out and attaching to these servers as soon as a page gets loaded.

This seems really bad to me. There are so many ways for a website to end up in one of my browser tabs without me wanting it there, or even knowing it's there.

If that happens, and that tab just so happens to be a malicious MCP-B enabled page, it could steal all kinds of data from all kinds of different web apps I'm interacting with. I think it should be seen as the responsibility of the framework to enforce some level of data isolation, or at the least opt-in consent mechanisms.

0 comments

2 comments · 2 top-level

miguelspizza11mo ago

Yea this is a really good idea, Maybe like a popup that say "hey x website has an MCP, do you trust it to connect?"

I guess there would also need to be a way to "audit" a websites full tool list at connection time and throw some sort of warning if tools show up that are not part of this list during use.

Interesting problems for sure. I really appreciate you taking to time to think them through. I'll call these out in the issues section of the repo

miguelspizza11mo ago

Added a summary of what has been brought up here to the repo wiki. Let me know if I missed anything

https://github.com/MiguelsPizza/WebMCP/wiki/Known-Security-I...

j / k navigate · click thread line to collapse