ATProto Browser
Experimental browser for the Atmosphere
Experimental browser for the Atmosphere
We already know that any Web server listening on the loopback interface is a security risk, because it may be accessed by a browser or its extensions. But the impact may be way bigger if this Web server is a MCP server 😱 blog.extensiontotal.com/trust-me-im-...
May 2, 2025, 5:40 PM
{
"uri": "at://did:plc:d7poh4tbrcxpfhouwkemcelp/app.bsky.feed.post/3lo7enhmsks2b",
"cid": "bafyreifvhhqopjuynsqw5aromj6gwn22cn2k2skbmvqzzdmkzftatft3te",
"value": {
"text": "We already know that any Web server listening on the loopback interface is a security risk, because it may be accessed by a browser or its extensions.\n\nBut the impact may be way bigger if this Web server is a MCP server 😱\n\nblog.extensiontotal.com/trust-me-im-...",
"$type": "app.bsky.feed.post",
"embed": {
"$type": "app.bsky.embed.external",
"external": {
"uri": "https://blog.extensiontotal.com/trust-me-im-local-chrome-extensions-mcp-and-the-sandbox-escape-1875a0ee4823",
"thumb": {
"$type": "blob",
"ref": {
"$link": "bafkreiesnnyervo64moz6fnuej7ize3forqa66ojz43hml2s2dab5ppram"
},
"mimeType": "image/jpeg",
"size": 523942
},
"title": "Trust Me, I’m Local: Chrome Extensions, MCP, and the Sandbox Escape",
"description": "Let’s talk about MCPs. You’ve probably heard of them, and maybe you’ve read the security risks associated with them. Sure, they sound…"
}
},
"langs": [
"en"
],
"facets": [
{
"index": {
"byteEnd": 265,
"byteStart": 226
},
"features": [
{
"uri": "https://blog.extensiontotal.com/trust-me-im-local-chrome-extensions-mcp-and-the-sandbox-escape-1875a0ee4823",
"$type": "app.bsky.richtext.facet#link"
}
]
}
],
"createdAt": "2025-05-02T17:40:52.797Z"
}
}