MCP Supply Chain Security: How Malicious MCP Servers Are Infiltrating Enterprise AI Environments
Every enterprise deploying AI agents is building on a foundation of third-party MCP servers they don’t control, can’t verify, and barely track. The security conversation keeps focusing on the model – prompt injection, jailbreaks, hallucinations. That’s the wrong place to look. We’ve covered why that framing falls short elsewhere too – see System Prompts Are Not Security Boundaries. Business Logic Graphs Are.