In the video example, the 'bad guy' tried to get the MCP server to read ~/.ssh/id_rsa and post it to the attacker site. The MCP Defender popup balked just at it trying to read a suspicious file, so it didn't get to the point of making the network connection. It was unclear whether just getting it to ping a remote server with something less shocking than your private keys, such as, for instance, source code or environment variables in the current project, would also be treated as malicious.
With the default signatures, source code would not be treated as malicious. However, you can add custom signatures and detect whatever you'd like. We'll soon be adding deterministic rules as well to complement the LLM-based ones.