Anthropic's official Git MCP server contained three chained vulnerabilities that enabled arbitrary file access and remote code execution. The flaws existed for six months before being patched. If even the protocol creator ships vulnerable code, what does that mean for the thousands of third-party MCP servers in the wild?
Last time we exposed the hidden dangers lurking in MCP supply chains. Today we introduce Ocellus, the first comprehensive security platform designed specifically for Model Context Protocol tools. Built on three pillars (Registry, Platform, and Agent), Ocellus enables organizations to embrace AI productivity without compromising security.
Your AI agents have more access to your systems than most of your employees. They can read files, execute code, access databases, and make network requests. Yet most organizations are installing Model Context Protocol (MCP) tools with less scrutiny than they'd give to a browser extension. This is the MCP supply chain crisis—and it's happening right now in your infrastructure.