For some reason I missed that sentence trekking what "GPT Researcher "is, my bad.

I totally agree with what you said, and that confirms it’s not a vulnerability. Handing access to others comes with risks, and tools are not responsible for security measures. This is the job of virtualisation or things like LSM.

TBH this article looks like half AI slop to me. What’s “GPT researcher”? (edit: for some reason I missed the sentence explaining what it is, my had. My view doesn’t change anyway. )

Also, by their logic, a terminal can run “rm -rf /”, is this terminal vulnerable? Even more irony, in their report, they said GitHub is not vulnerable. Doesn’t this exactly mean it’s not the responsibility of MCP?

MCP is basically a protocol for payloads, it’s just like protobuf/JSON but for AI. Can we say MCP is vulnerable simply because it can carry malicious payloads?

Make a dumb EV and you immediately get a lot of clients.

An EV doesn’t need internet access, doesn’t need mics and cameras inside, doesn’t need a touchpad or a big screen.