2 Comments
flacko

Great post, Josh! The Postmark backdoor is yet another great example of supply chain attacks that not only highlights the need for AI guardrails but also for vetting of open source software after each release, not just the first time a user/enterprise incorporates it into their stack and CI/CD.

Josh Devon

Exactly! We can’t just use a point-in-time approval list for MCP, and even if the package is entirely benign, we still have the problem of an agent using a legitimate tool for a malicious purpose, which is why behavioral controls are necessary.
