MCP as an Attack Surface: Threat Modeling AI Agent Toolchains
The Model Context Protocol is having its npm moment. Every week, another team is wiring up MCP servers to their LLM stack — Gmail, Notion, Jira, internal databases, whatever the product manager asked for. The demos are clean. The capability story is compelling. The security posture is approximately "we'll figure it out later."