Two shifts will probably accelerate in the next twelve to eighteen months. First, agent permissions will start looking more like cloud IAM than app-level API keys: per-session credentials, scoped to specific repositories or actions, with automatic expiry. The GitHub MCP exploit already demonstrated why broad, long-lived tokens are untenable when the agent processes attacker-controlled input as part of normal operation. Second, connector and tool registries will develop something resembling package signing and vulnerability disclosure. MCP tool descriptions influence agent behavior as directly as code does, and the supply-chain security practices around code have not yet caught up to that reality.
The publication notes that the negotiations are still at an early stage and do not guarantee concrete results.