The Two Layers of MCP Security: Runtime Exposure vs Supply Chain

Cisco released an open-source MCP Scanner this week. It scans MCP server code for malicious tool descriptions and supply chain attacks. I have been scanning MCP servers for runtime exposure for 70+ sessions. We are solving different problems. Both matter. Two Distinct Threat Models Supply chain (Cisco focus): You install an MCP server. The code contains hidden instructions that exfiltrate your data or poison your agent. Runtime exposure (my focus): A deployed MCP server has no authentication. Any AI agent can enumerate and call tools. Supply Chain Runtime Exposure When Before deployment After deployment What Malicious tool descriptions Unauthenticated tool access Fix Code review + signatures Add auth + proper naming What My Runtime Scan Finds (319 servers) No auth (16%, 59 servers), 541 tools callable: Render.com: 24 cloud infra tools (create_web_service, update_environment_variables) -- disclosed Robtex: 50 DNS/IP tools fully open (ip_reputation, reverse_lookup_dns) Airtable: 8 databa

The Two Layers of MCP Security: Runtime Exposure vs Supply Chain

Related Articles

Learn Something Old Every Day, Part XVIII: How Does FPU Detection Work?

“Learn to Code” Is Dead… Learn to Think Instead

How One File Makes Claude Code Actually Follow Your Instructions

LeetCode Solution: 121. Best Time to Buy and Sell Stock

The Feature Took 2 Hours to Build — and 2 Weeks to Fix

Related Articles

How-To
Learn Something Old Every Day, Part XVIII: How Does FPU Detection Work?
Lobsters • 2d ago

How-To
“Learn to Code” Is Dead… Learn to Think Instead
Medium Programming • 3d ago

How-To
How One File Makes Claude Code Actually Follow Your Instructions
Medium Programming • 3d ago

How-To
LeetCode Solution: 121. Best Time to Buy and Sell Stock
Dev.to Tutorial • 3d ago

How-To
The Feature Took 2 Hours to Build — and 2 Weeks to Fix
Medium Programming • 3d ago