Opinion

研究人员发现MCP设计缺陷 Anthropic拒绝修改

#01、Anthropic官方模型上下文协议(MCP)中内置的设计缺陷,可能使多达20万台服务器面临完全被黑客接管的风险。 #02、MCP使用STDIO(标准输入/输出)作为本地传输机制,用于 AI 应用生成 MCP 服务器作为子进程。但实际上,它允许任何人运行任意操作系统命令。 #03、Anthropic研究团队拒绝修改协议架构,并告知提交方"协议运行良好"。 ▍以下正文内容基于英文原文编译,可 ...
Visual Studio Magazine

Hands On: Building an MCP Server with VS Code AI Toolkit's New Tool Catalog

Microsoft's AI Toolkit extension for VS Code now includes a Tool Catalog that can scaffold a Python or TypeScript MCP server with the core transport and registration plumbing already set up. In ...

200,000 MCP servers expose a command execution flaw that Anthropic calls a feature

OX Security confirmed arbitrary command execution on six live platforms and estimates 200,000 MCP servers are exposed. Here's how to audit your deployments.
Geeky Gadgets

Master the Art of MCP Servers: Build, Test, and Deploy Like a Pro

Building and publishing Model Context Protocol (MCP) servers is a crucial step in allowing language models to interact seamlessly with external tools and resources. These servers act as intermediaries ...