MLOps.community

The Dark Side of MCP Servers


Listen Later

Sam Partee (CTO & co-founder of Arcade.dev) and Nate Barbettini (Founding Engineer at Arcade.dev) sit down at the MCP Dev Summit to unpack what nobody wants to admit about the Model Context Protocol: the security model is still full of sharp edges. From tool poisoning and prompt injection to why OAuth got bolted onto the spec, this is a builder 's-eye view of where MCP breaks — and how to ship agents safely anyway.

What we get into:🔓 OAuth on MCP — Why the spec adopted OAuth as its authorization standard, and the class of spoofing attacks it shuts down.☠️ Tool poisoning — How a malicious server hides instructions in tool descriptions, and why your agent trusts them by default.🧪 MCP Debugger & ToolBench — Shining a light on the rough edges by grading servers from S-tier to F-tier.🖥️ Sandboxing agents — Giving an agent a shell and a file system without handing over the keys to your machine.📜 Allow lists — Why MCP has client-level allow lists but skills mostly don't — and why that worries them.🔄 The auto-update problem — How skills and servers that silently update become a supply-chain risk ("rug pulls").✅ SOC 2, honestly — Why the controls are voluntary, misunderstood, and actually about best practices.🤖 AI-generated PRs — The new behaviors to watch for as agents start writing and merging code.

If you build agents, ship MCP servers, or are responsible for AI security at your company, this one's for you.

🔗 Links & ResourcesArcade.dev: https://www.arcade.devArcade MCP framework (GitHub): https://github.com/ArcadeAI/arcade-mcpSam Partee (GitHub): https://github.com/sparteeNate Barbettini (LinkedIn): https://www.linkedin.com/in/nbarbettiniMLOps.community: https://mlops.community

⏱️ Timestamps[00:00] Skills, agents, and local context

[08:36] MCP Debugger grades your server

[10:34] Why AI clients are still buggy

[20:54] Why agents shouldn’t always have shell access

[22:44] “I have a spicy take.”

[26:27] “Do not build your own auth.”

[31:14] The “checking someone else’s email” problem

[35:40] “OAuth is the best worst option.”

[43:50] The future of AI entertainment

[46:19] Tool poisoning explained

[50:49] “Trust me, bro,” is not a security solution

[52:45] MCP registries as the App Store model

[1:00:28] AI-generated PRs and speed vs quality

[1:02:37] Why behavior-driven development is coming back

[1:08:11] Have we already reached AGI?


#MCP #AIAgentSecurity #ToolPoisoning

...more
View all episodesView all episodes
Download on the App Store

MLOps.communityBy Demetrios

  • 4.6
  • 4.6
  • 4.6
  • 4.6
  • 4.6

4.6

23 ratings


More shows like MLOps.community

View all
This Week in Startups by Jason Calacanis

This Week in Startups

1,290 Listeners

The Changelog: Software Development, Open Source by Changelog Media

The Changelog: Software Development, Open Source

289 Listeners

The a16z Show by Andreessen Horowitz

The a16z Show

1,093 Listeners

Software Engineering Daily by Software Engineering Daily

Software Engineering Daily

626 Listeners

Talk Python To Me by Michael Kennedy

Talk Python To Me

583 Listeners

Super Data Science: ML & AI Podcast with Jon Krohn by Jon Krohn

Super Data Science: ML & AI Podcast with Jon Krohn

301 Listeners

NVIDIA AI Podcast by NVIDIA

NVIDIA AI Podcast

345 Listeners

Practical AI by Practical AI LLC

Practical AI

208 Listeners

Dwarkesh Podcast by Dwarkesh Patel

Dwarkesh Podcast

576 Listeners

Big Technology Podcast by Alex Kantrowitz

Big Technology Podcast

508 Listeners

No Priors: Artificial Intelligence | Technology | Startups by Conviction

No Priors: Artificial Intelligence | Technology | Startups

143 Listeners

Latent Space: The AI Engineer Podcast by Latent.Space

Latent Space: The AI Engineer Podcast

101 Listeners

This Day in AI Podcast by Michael Sharkey, Chris Sharkey

This Day in AI Podcast

226 Listeners

The AI Daily Brief: Artificial Intelligence News and Analysis by Nathaniel Whittemore

The AI Daily Brief: Artificial Intelligence News and Analysis

682 Listeners

AI + a16z by a16z

AI + a16z

34 Listeners