Here's a walkthrough of a scenario where it's easy to expose secrets in MCP with Supabase.
- I found the HackerNews thread interesting.
- The Supabase team was discussing the mitigations they were taking to make MCP infiltrations less likely, including by automatically extending prompts with stronger instructions.
- Many of the comments were pointing out that it doesn't make sense to treat MCP as the security boundary.
- Finally, people are starting to wake up to the fact that the LLM cannot be used as a security boundary.
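The point made in the last two bullets, as an added example that is not part of the original post or of Supabase's own code: if the LLM is not the security boundary, the privilege check has to live in the tool layer, where the model's proposed call is validated by code before anything touches the database. The allow-list, the table names, the in-memory SQLite database and the sample requests below are all constructed for this demo; `enforce_policy` and `run_sql_tool` are hypothetical names, not an MCP or Supabase API.

```python
import re
import sqlite3

# Constructed for this demo: the tables the "run SQL" tool is allowed to read.
# Nothing the model decides, and nothing an injected instruction tells it,
# can widen this set, because the check is done by code, not by the prompt.
ALLOWED_TABLES = {"tickets", "products"}

_SELECT_RE = re.compile(r"^\s*select\b", re.IGNORECASE)
_TABLE_RE = re.compile(r"\b(?:from|join|into|update|table)\s+([A-Za-z_][\w.]*)", re.IGNORECASE)


class PolicyViolation(Exception):
    """Raised when a proposed tool call is outside the tool's privilege."""


def referenced_tables(sql: str) -> set[str]:
    """Collect identifiers that follow FROM/JOIN/INTO/UPDATE/TABLE.

    This is a conservative heuristic for the demo; a production tool would use a
    real SQL parser and, more importantly, a read-only database role."""
    return {name.lower() for name in _TABLE_RE.findall(sql)}


def enforce_policy(sql: str) -> str:
    """Accept only a single SELECT over allow-listed tables; reject everything else."""
    stmt = sql.strip()
    if stmt.endswith(";"):
        stmt = stmt[:-1]
    if ";" in stmt:
        raise PolicyViolation("multiple statements are not allowed")
    if not _SELECT_RE.match(stmt):
        raise PolicyViolation("only SELECT statements are allowed")
    refs = referenced_tables(stmt)
    if not refs:
        raise PolicyViolation("could not determine the referenced tables")
    disallowed = refs - ALLOWED_TABLES
    if disallowed:
        raise PolicyViolation(f"access to {sorted(disallowed)} is not allowed")
    return stmt


def run_sql_tool(conn: sqlite3.Connection, sql: str) -> dict:
    """Tool entry point: the policy check runs before the query, on every call."""
    try:
        stmt = enforce_policy(sql)
    except PolicyViolation as exc:
        return {"ok": False, "error": str(exc)}
    rows = conn.execute(stmt).fetchall()
    return {"ok": True, "rows": rows}


def demo_connection() -> sqlite3.Connection:
    """Constructed in-memory database standing in for a project database.

    The token value is a labelled placeholder, not a real credential."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE tickets (id INTEGER, body TEXT);
        CREATE TABLE integration_tokens (name TEXT, token TEXT);
        INSERT INTO tickets VALUES (1, 'printer on floor 2 is jammed');
        INSERT INTO integration_tokens VALUES ('demo', 'constructed-placeholder-token');
        """
    )
    return conn


if __name__ == "__main__":
    conn = demo_connection()
    # Constructed requests standing in for whatever the model proposes as a tool call.
    for proposed in (
        "SELECT body FROM tickets",
        "SELECT token FROM integration_tokens",
        "SELECT 1; DROP TABLE tickets",
        "DELETE FROM tickets",
    ):
        print(proposed, "->", run_sql_tool(conn, proposed))
```

Only the first request reaches the database; the other three are refused by the tool regardless of how the model was instructed. The allow-list is defense in depth: the role the tool connects with should itself be read-only and unable to see secret-bearing tables, so that a gap in the heuristic does not become a leak.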