Truong Bui in mcpsafe.hashnode.dev · May 14 · 7 min read
Tool Poisoning in MCP Servers: The Silent Threat to AI Agents
Most security threats leave evidence in code. An injected shell command shows up in an AST. A hardcoded credential appears in a string literal. A network exfiltration call registers in a dependency gr…

Truong Bui in mcpsafe.hashnode.dev · May 13 · 6 min read
What Is MCP Typosquatting and How to Detect It
The npm ecosystem learned about typosquatting the hard way. In 2018, the event-stream package — with 2 million weekly downloads — was handed off to a new maintainer who embedded a payload targeting Bi…

Truong Bui in mcpsafe.hashnode.dev · May 12 · 5 min read
We Scanned 448 MCP Servers — Here's What We Found
MCP servers are not browser extensions. When you install one, you are adding a process to your system that may have direct access to your filesystem, network stack, environment variables, and shell. I…

Truong Bui in mcpsafe.hashnode.dev · May 7 · 4 min read
I Scanned 2,600 Public MCP Servers. The Supply Chain Is Rough.
A snapshot of what's broken in the Model Context Protocol ecosystem — from the kind of mistakes you'd expect to a few that should make you pause. I built MCPSafe, a free security scanner for Model Con…