This is opening a new can of worms of information disclosure; at least one job the AI won't kill is people in security.

MCP is the new IoT, where S stands for security /s

What is the difference between a junior and an agent? Can't you give them smart permissions on a need-to-know basis?

I guess you also need per user contexts, such that you depend on the user auth to access user data, and the agent can only access that data.

But this same concern exists for employees in big corps. If I work at Google, I probably am not able to access arbitrary data, so I can't leak it.
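
The per-user context and need-to-know idea from the comment above, as an added sketch that is not part of the thread or of any MCP implementation: a gateway holds the authenticated user's context, and every tool call the agent makes is checked against it. The role names, tool names and records are constructed for illustration.

```python
from dataclasses import dataclass, field

# Constructed sample data: each record has exactly one owner.
RECORDS = {
    "doc-1": {"owner": "alice", "body": "alice: payroll note"},
    "doc-2": {"owner": "bob", "body": "bob: medical form"},
}

# Need-to-know grants per agent role (hypothetical role and tool names).
ROLE_TOOLS = {
    "reader-agent": {"read_record"},
    "editor-agent": {"read_record", "delete_record"},
}


class AccessDenied(Exception):
    pass


@dataclass(frozen=True)
class UserContext:
    """Identity taken from the user's authenticated session, never from model output."""
    user_id: str
    agent_role: str


@dataclass
class ToolGateway:
    """Only path from the agent to the data; it holds the context, the agent does not."""
    ctx: UserContext
    store: dict
    audit: list = field(default_factory=list)

    def call(self, tool: str, record_id: str):
        record = self.store.get(record_id)
        allowed = (
            tool in ROLE_TOOLS.get(self.ctx.agent_role, set())
            and record is not None
            and record["owner"] == self.ctx.user_id
        )
        # Log every decision, allowed or not, so denied attempts are visible.
        self.audit.append((self.ctx.user_id, tool, record_id, allowed))
        if not allowed:
            # Same error for "not yours" and "does not exist": no existence oracle.
            raise AccessDenied(f"{tool} on {record_id} denied")
        if tool == "read_record":
            return record["body"]
        if tool == "delete_record":
            del self.store[record_id]
            return True
        raise AccessDenied(f"unknown tool {tool}")
```

The record id comes from the agent and may be anything, including one planted by injected text; the owner check uses only the session's `UserContext`, so the worst case is limited to that user's own data.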
