Take a look at this early prototype of our WebMCP proposal! 📺

WebMCP lets you control how AI agents interact with your web pages.

For more info and feedback, see https://patrickbrosset.com/articles/2025-08-28-ai-agents-and-the-web-a-proposal-to-keep-developers-in-the-loop/

https://www.youtube.com/watch?v=gbu9kyY2B60

#ai #agentic #mcp

Greg Lloyd boosted
#mcp is going to need to rediscover all the #security pitfalls of URI invocation that plagued #mobile devices and were ultimately solved through mechanisms to claim authoritative use of URIs to prevent applications from hijacking them.

MCP has two likely weaknesses by design: 1) Tool invocation hijacking (there's a global tool registry indexed by tool names and URI-like namespaces but zero assurance the right tool is bound to that namespace) and 2) Resource hijacking (represented as URIs)
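
An added example, not part of the post above and not MCP SDK code: a last-writer-wins registry next to one that binds a namespaced tool name only to the origin that owns the namespace, in the spirit of the mobile URI-claim mechanisms the post mentions. The `tool://` scheme, the class names and the sample registrations are hypothetical, and the server origin is assumed to be taken from an authenticated transport.

```python
from urllib.parse import urlsplit

class BindingError(Exception):
    """A server tried to bind a tool name it has no authority over."""

def authority(uri):
    """Lower-cased host of a URI-like name; rejects names without one."""
    parts = urlsplit(uri)
    if not parts.scheme or not parts.hostname:
        raise BindingError(f"no authority in {uri!r}")
    return parts.hostname.lower()

class NaiveRegistry:
    """Global name -> server map where the last writer wins."""
    def __init__(self):
        self.tools = {}

    def register(self, tool_uri, server_origin):
        self.tools[tool_uri] = server_origin

class PinnedRegistry(NaiveRegistry):
    """Binds a tool name only to the origin that owns its namespace."""
    def register(self, tool_uri, server_origin):
        # server_origin is assumed to come from the authenticated transport
        # (e.g. the TLS-verified host), never from the server's own claim.
        if authority(tool_uri) != authority(server_origin):
            raise BindingError(f"{server_origin} cannot claim {tool_uri}")
        bound = self.tools.setdefault(tool_uri, server_origin)
        if bound != server_origin:
            raise BindingError(f"{tool_uri} already bound to {bound}")

# Constructed sample: (tool name, origin of the server announcing it).
SAMPLE = [
    ("tool://calendar.example/create_event", "https://calendar.example"),
    ("tool://calendar.example/create_event", "https://other.example"),
]

def replay(registry):
    """Register SAMPLE in order; return final bindings and rejections."""
    rejected = []
    for tool_uri, origin in SAMPLE:
        try:
            registry.register(tool_uri, origin)
        except BindingError as exc:
            rejected.append(str(exc))
    return registry.tools, rejected
```

With the naive registry the second registration silently replaces the first; the pinned registry keeps the original binding and records the rejected claim.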