skybrian 7 days ago

It’s terribly insecure as-is [1]. But so was HTTP. The spec isn’t final, so hopefully it will improve.

[1] https://blog.sshh.io/p/everything-wrong-with-mcp

dheera 7 days ago

> MCP initially didn’t define an auth spec and now that they have people don’t like it.

Just wrap it in an SSH tunnel or a HTTPS websocket

> MCP servers can run (malicious code) locally.

Just run it in a Docker container

senko 6 days ago

>> MCP initially didn’t define an auth spec and now that they have people don’t like it.

> Just wrap it in an SSH tunnel or a HTTPS websocket

I assume this is sarcasm, but if not (and for people that take it at face value), it fundamentally misunderstands what auth is used for.

Sayrus 7 days ago

> Just run it in a Docker container

You should probably read the original article in the footnotes of OP's article: https://equixly.com/blog/2025/03/29/mcp-server-new-security-...

While a container will surely protect you from those, it will also prevent you using the features implemented by those MCP Servers.

Havoc 6 days ago

Containers are usually considered pretty weak security at best. Especially since you don’t always control what the user does with it (docker vs rootless podman etc)