behrens.hashnode.devHow mcpwall Maps to the OWASP MCP Top 10OWASP published the MCP Top 10, a community-driven threat taxonomy for the Model Context Protocol. Here's an honest, line-by-line look at what mcpwall covers, what it partially mitigates, and what's e1d ago·7 min read
behrens.hashnode.devWhat mcpwall Does and Doesn't Protect AgainstWhat mcpwall Does and Doesn't Protect Against Security tools that hide their limitations aren't security tools. I published mcpwall's full threat model. Here's the summary: what's covered, what isn't, and what's next. Where mcpwall sits mcpwall is a...4d ago·3 min read
behrens.hashnode.devYour MCP Tools Are a BackdoorI let Claude Code install an MCP server. Three seconds later, it read my SSH private key. No warning, no prompt, no log entry. Just a tool call to read_file with the path ~/.ssh/id_rsa, buried in a stream of normal filesystem operations. This isn't a...4d ago·5 min read