The MCP God Key Problem: Why Overprivileged Credentials Are the Next Enterprise Security Crisis

The MCP God Key Problem: Why Overprivileged Credentials Are the Next Enterprise Security Crisis We've documented three MCP security crises in the past week: CVE-2026-0628 (Chrome Gemini) — local panel hijacking gives attackers file system access CVE-2025-54136 (MCPoison) — tool poisoning via key name trust The God Key Challenge — overprivileged credentials with no scoping or attribution The God Key Challenge is the most dangerous of the three. It's the domino that causes everything else to cascade. The God Key Problem Explained Here's how MCP credentials work in most self-hosted setups: Cursor IDE needs a screenshot tool. ↓ Creates MCP server with: export MCP_API_KEY=sk-xxxx ↓ All MCP tools get the same MCP_API_KEY ↓ Screenshot tool runs with MCP_API_KEY Form validation tool runs with MCP_API_KEY PDF generation tool runs with MCP_API_KEY ↓ One tool gets compromised (CVE-2025-54136) ↓ Attacker has MCP_API_KEY ↓ Attacker has access to EVERYTHING This is the "God Key" — a single credentia