And we have decades of hindsight with sql injection to work with and make it obvious. No so much with all the fancy new AI tools.

Yes MCP has next to no security features, but then again is it even a year old at this point?

Not excusing it just pointing out something folks should me mindful of when using tool based on it, its an immature system.

And heck, I still remember a time when most of the internet traffic just flew around in plain text. Insanity to us now.