1 comment

  • rvz 17 hours ago

    This does not make any sense whatsoever.

    > The new MCP server runs directly on the user’s machine. That local first design means sensitive data does not have to travel to the cloud just to be useful.

    Even if it is 'local', data can still be exfiltrated via prompt injection, even via Anthropic's MCP inspector, which was run 'locally' and was exploitable via going to a crafted URL link that points locally to the MCP server. [0]

    Again, the concept of MCPs is totally incompatible with security.

    [0] https://www.oligo.security/blog/critical-rce-vulnerability-i...