What if the MCP server you installed last week is silently leaking your emails to a stranger? The AI tools boosting your productivity could already be your biggest security liability.
MCP (Model Context Protocol) has quickly become the standard for connecting AI agents to external tools and data sources. But as adoption accelerates, so do the risks – from malicious servers harvesting your credentials in the background, to local processes exposed to your entire network with no authentication. Most developers install MCP servers without fully understanding what code is running or who wrote it, creating serious supply chain and shadow IT problems inside organizations.
In this episode, Ariel Shiftan, CTO of MCPTotal, explains how MCP actually works, why there is a wide gap between its original design and how it is used in practice, and what that gap means for security. He also walks through real zero-days his team has discovered and shares practical advice for developers and enterprise leaders trying to adopt MCP without compromising their security posture.
Key topics discussed:
- What MCP is and why it won the “USB for AI” race
- Why most MCP servers are just API wrappers done wrong
- Real zero-days found in popular, widely used MCPs
- How malicious MCPs can silently leak your credentials
- The supply chain risks hiding inside your dev toolchain
- Why banning MCP in your org is the wrong move
- Best practices for writing well-designed MCP servers
- Why agent permission prompts need better security defaults
Timestamps:
- (00:00:00) Trailer & Intro
- (00:02:49) What Is MCP and Why Is It Called the USB for AI?
- (00:07:22) How Does MCP Differ from Standard REST APIs?
- (00:13:40) What Can AI Agents Do with MCP Beyond Reading Data?
- (00:16:56) What Is RAG and How Did AI Evolve to Tool Calling?
- (00:19:54) Why Is MCP Misused as an API Catalog and What Does That Cost?
- (00:25:04) What Are AI Skills and How Do They Compare to MCP?
- (00:30:29) How Does MCP Server Architecture Work Under the Hood?
- (00:37:01) How Do Malicious and Vulnerable MCP Servers Put Organizations at Risk?
- (00:45:30) What Real-World MCP Vulnerabilities and Zero-Days Have Been Found?
- (00:50:30) How Should Enterprises Enable MCP Adoption Without Compromising Security?
- (00:53:16) What Are Best Practices for Writing a Well-Designed MCP Server?
- (00:59:14) How Should AI Agents Handle Permissions Without Overwhelming Users?
- (01:05:26) 3 Tech Lead Wisdom
_____
Ariel Shiftan’s Bio
Ariel is a software engineer and security expert with more than 20 years of hands-on and executive leadership experience across cybersecurity, distributed systems, and AI infrastructure. He holds a PhD in Computer Science, specializing in advanced algorithms and systems. Earlier in his career, Ariel founded NorthBit, a deep-tech cybersecurity firm that was acquired by Magic Leap in 2016, where he led product security globally, overseeing the security lifecycle across more than 700 engineers. He has also led applied AI breakthroughs, including heading an XPRIZE-winning team that used deep learning to fight malaria in Africa.
Follow Ariel:
Like this episode?
Show notes & transcript: techleadjournal.dev/episodes/249.
Follow @techleadjournal on LinkedIn, Twitter, and Instagram.
Buy me a coffee or become a patron.
Tech Lead Journal