
MCP Has a Supply Chain Problem
In 2018 the event-stream npm package got a malicious update that targeted a specific Bitcoin wallet application (Copay). Millions of downloads. One compromised maintainer. MCP is heading down the same path, just faster.

The config everyone has

If you've used Claude Desktop, Cursor, or any MCP client, your config probably looks like this:

```json
{
  "mcpServers": {
    "my-tool": {
      "command": "npx",
      "args": ["-y", "some-mcp-server"]
    }
  }
}
```

That -y flag means "install without asking": npx skips the prompt it would otherwise show before fetching a package it doesn't already have. There is no version pin, so every time your agent starts, npx resolves some-mcp-server to whatever the registry currently tags as latest. If the package is compromised tomorrow, your agent runs the compromised version automatically, with no human in the loop.

This is not theoretical. We found 502 MCP server configurations doing exactly this across the registries we monitor.

What we scanned

Aguara Watch crawls every major MCP registry: skills.sh, ClawHub, PulseMCP, mcp.so, LobeHub, Smithery, Glama. Over 42,000 tools. 148 detection rules. Incremental scans every 6 hours. Here's what the data shows.

Patte
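The check a practitioner wants here is a quick audit of their own MCP client config: which servers are launched through npx, which of those float on an unpinned package, and what the pinned form looks like. The script below is an added example written for this post; it is not Aguara Watch's scanner or any MCP client's code. It assumes the `{"mcpServers": {name: {command, args}}}` shape shown above, treats only an exact semver (`1.4.2`, not `^2.0.0` or `latest`) as a pin, and uses constructed package names and versions as sample input. It also goes slightly beyond the single config in the text by handling scoped packages and semver ranges, which float just like a missing version does.

```javascript
// Added example (not from the article): audit an MCP client config for
// npx-launched servers that run an unpinned npm package, and rewrite a
// server entry to a pinned spec. Package names/versions are constructed.

// Only an exact semver counts as pinned; tags ("latest") and ranges ("^2.0.0")
// are resolved against the registry on every start and can change under you.
const EXACT_SEMVER = /^\d+\.\d+\.\d+(-[0-9A-Za-z.-]+)?(\+[0-9A-Za-z.-]+)?$/;

// Split "name@version" or "@scope/name@version" into name and version.
// A leading "@" belongs to the scope, so only an "@" after index 0 is a version separator.
function parseSpec(spec) {
  const at = spec.lastIndexOf('@');
  if (at <= 0) return { name: spec, version: null };
  return { name: spec.slice(0, at), version: spec.slice(at + 1) };
}

// First non-flag argument to npx is the package spec.
// Simplification: does not model "npx --package foo bin" forms.
function findPackageIndex(args) {
  return args.findIndex((a) => !a.startsWith('-'));
}

// Returns one finding per npx server whose package spec is not an exact version.
// Severity is "high" when -y/--yes also suppresses the install prompt, so a
// newly published version runs with no human in the loop.
function auditMcpConfig(config) {
  const findings = [];
  for (const [server, entry] of Object.entries(config.mcpServers || {})) {
    const command = entry.command || '';
    const args = entry.args || [];
    if (!/(^|[\\/])npx$/.test(command)) continue; // only npx launches float
    const idx = findPackageIndex(args);
    if (idx === -1) continue;
    const { name, version } = parseSpec(args[idx]);
    const pinned = version !== null && EXACT_SEMVER.test(version);
    if (pinned) continue;
    const autoYes = args.includes('-y') || args.includes('--yes');
    findings.push({
      server,
      package: name,
      version, // null when no version at all
      autoYes,
      severity: autoYes ? 'high' : 'medium',
    });
  }
  return findings;
}

// Rewrite a server entry so npx runs exactly `exactVersion` of its package.
// The operator chooses the version after reviewing it; this only edits the spec.
function pinServer(entry, exactVersion) {
  if (!EXACT_SEMVER.test(exactVersion)) {
    throw new Error(`not an exact semver: ${exactVersion}`);
  }
  const args = [...(entry.args || [])];
  const idx = findPackageIndex(args);
  if (idx === -1) return { ...entry };
  const { name } = parseSpec(args[idx]);
  args[idx] = `${name}@${exactVersion}`;
  return { ...entry, args };
}

// Constructed sample config: the pattern from the post plus a few variants.
const SAMPLE_CONFIG = {
  mcpServers: {
    'my-tool': { command: 'npx', args: ['-y', 'some-mcp-server'] },
    'scoped':  { command: 'npx', args: ['-y', '@example/mcp-server@latest'] },
    'pinned':  { command: 'npx', args: ['-y', '@example/mcp-server@1.4.2'] },
    'ranged':  { command: 'npx', args: ['some-mcp-server@^2.0.0'] },
    'local':   { command: 'node', args: ['./dist/server.js'] },
  },
};

console.log(JSON.stringify(auditMcpConfig(SAMPLE_CONFIG), null, 2));
```

Run against the sample, it flags my-tool and scoped as high (floating spec plus -y) and ranged as medium, and leaves pinned and local alone. Pinning is the minimum fix, not a complete one: an exact version stops silent upgrades, but it does not verify what you got. For anything long-lived, install the server into a project with a lockfile and integrity hashes, or vendor it, and run it under the MCP client with a plain `node` command rather than npx.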
Continue reading on Dev.to