MCP servers: Lure of sharing your data with AI, and a likely security nightmare


Hindustan Times, 15 hours ago

After generative AI, large language models, multi-modal intelligence, artificial general intelligence and agentic AI, the artificial intelligence (AI) space is beginning to write another chapter. The term to wrap our heads around next, and one you will increasingly hear about, is MCP, or Model Context Protocol. It is supposed to solve an integration bottleneck by allowing AI systems to interact with external data sources and tools. But is it insulated against security risks while handling personal data?

(Clockwise from left) Canva's deep research connector in ChatGPT, Microsoft's illustration of how MCP servers work, and the 11ai voice assistant. (Official images)
It may have gone under the radar, but AI company Anthropic first mooted the idea of a single connection language between AI assistants and the other apps and systems users access late last year, dubbing it the 'USB-C for AI'. Claude Sonnet 3.5 is the first of its models adept at building MCP implementations that connect AI with whatever datasets a user may want.
Indian fintech Zerodha launched an MCP integration with Anthropic's Claude. Among the things it can do is curate portfolio insights, plan trades, backtest investment strategies, and generate personal finance dashboards. For users who aren't proficient with the workings of the stock market, these insights may prove useful.
'MCPs are a new way for AI systems to interact with real-world services like trading accounts,' says Nithin Kamath, Founder and CEO of Zerodha, pointing out all the functionality is free to access.
Globally, companies are rushing to build MCP integrations, and there's a core rationale for this sudden momentum. 'AI agents and assistants have become indispensable creative partners, yet current workflows require users to manually add context or references, creating complexity,' explains Anwar Haneef, GM and Head of Ecosystem at Canva.
11Labs, which has built the 11ai personal voice assistant, has bolted on MCP connections to platforms including Perplexity and Slack. The autonomous coding agent Cline can also combine MCP servers from Perplexity and others to create research workflows.
Amazon Web Services (AWS), in a technical document, explains that MCP is an open standard that creates a universal language for AI systems to communicate with external data sources, tools and services. Conceptually, they say, MCP functions as a universal translator, enabling seamless dialogue between language models and diverse systems.
For users, this may open up a scenario where AI tools can connect to different platforms, giving a single-window workflow instead of manually copying data between applications or switching between multiple tools to complete tasks.
Take Canva, which has become the first company to launch a deep research connector with OpenAI's ChatGPT, giving users access to designs and content created in Canva from within their ChatGPT conversations. This includes Canva Docs and presentations.
The advantage? Summarising reports or documents, asking AI to analyse data, and a more contextual conversation. AI will be able to use these tools to create content depending on what a user asks. 'This is a major step in our vision to make the complex simple and build an all-in-one AI workflow that's secure and accessible to all,' adds Haneef.
OpenAI, which announced MCP support earlier, says popular remote MCP servers include Cloudflare, HubSpot, Intercom, PayPal, Plaid, Shopify, Stripe and Twilio, spanning various consumer and enterprise domains.
Microsoft has made substantial investments in MCP infrastructure, integrating the protocol with Azure OpenAI Services to allow GPT models to interact with external services and fetch live data. The company has released multiple MCP servers.
Anthropic, though an early mover, has had to change its approach to offering MCP to developers. The result, released a few days ago, is the new Desktop Extensions, meant to simplify MCP installations. 'We kept hearing the same feedback: installation was too complex. Users needed developer tools, had to manually edit configuration files, and often got stuck on dependency issues,' the company says in a statement.
Developers will need help with the integration. AWS has released its open-source AWS Serverless MCP Server, a tool that combines AI assistance with streamlined development to help developers build modern applications.
Uncharted territory?
Risks, particularly with how a user's data is being shared between two distinct digital entities, are something tech companies must remain cognisant of. As Kailash Nadh, Zerodha's Chief Technology Officer explains, 'Strictly from a user perspective, it feels liberating to be able to access services outside of their walled gardens and bloated UIs riddled with dark patterns. It moves a considerable amount of control from service providers to users, but at the same time, it concentrates decision-making and mediation in the hands of AI blackboxes.'
He is yet to find an answer to what happens in case of errors and failures with real-world implications, tracing accountability and the inevitable regulatory questions. 'Whether the long-term implications of MCP's viral, cross-cutting spread will be net positive or not, is unclear to me,' he adds.
AI security expert Simon Willison is worried about users going overboard in 'mixing and matching MCP servers'. Particularly concerning is an attack method called prompt injection.
'Any time you combine access to private data, exposure to untrusted content and the ability to externally communicate an attacker can trick the system into stealing your data,' he explains, in a Mastodon post. He points to the core of this approach, labelling it a 'lethal trifecta' — access to private data, exposure to untrusted content and an ability to communicate externally.
'Be careful with which custom MCP servers you add to your ChatGPT workspace. Currently, we only support deep research with custom MCP servers in ChatGPT, meaning the only tools intended to be available within the remote MCP servers are search and document retrieval. However, risks still apply even with this narrow scope,' OpenAI warns developers, in a technical note.
Microsoft, too, has noted specific risks around misconfigured authorisation logic in MCP servers leading to sensitive data exposure and to authentication tokens being stolen, which can then be used to impersonate users and access resources inappropriately.
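As an added illustration (not code from the article, Anthropic, OpenAI or Microsoft), the 'lethal trifecta' above turned into two defensive checks: a configuration review that reports which servers supply each leg and which leg is cheapest to remove, and a session gate that refuses outbound tools once untrusted content has entered the context. Server names and capability tags are constructed.

```python
from dataclasses import dataclass
from enum import Enum


class Cap(Enum):
    """The three legs of the 'lethal trifecta'."""
    PRIVATE_DATA = "access to private data"
    UNTRUSTED_CONTENT = "exposure to untrusted content"
    EXTERNAL_COMM = "ability to communicate externally"


@dataclass(frozen=True)
class McpServer:
    name: str           # illustrative name, not a real MCP server
    caps: frozenset     # the Cap values this server's tools grant the agent


def trifecta_report(servers):
    """Map each leg to the servers granting it; flag True when all three are present."""
    holders = {c: sorted(s.name for s in servers if c in s.caps) for c in Cap}
    return all(holders.values()), holders


def cheapest_leg_to_cut(servers):
    """Leg that can be removed by dropping the fewest servers (None if not lethal)."""
    lethal, holders = trifecta_report(servers)
    return min(Cap, key=lambda c: len(holders[c])) if lethal else None


class SessionGate:
    """Runtime mitigation: once a tool has returned untrusted content, refuse any
    tool that can send data out for the rest of the session."""

    def __init__(self, servers):
        self.by_name = {s.name: s for s in servers}
        self.tainted = False

    def before_call(self, server_name):
        """Return True if the call may proceed under the taint rule."""
        blocked = self.tainted and Cap.EXTERNAL_COMM in self.by_name[server_name].caps
        return not blocked

    def after_call(self, server_name):
        """Record that untrusted content has now entered the model's context."""
        if Cap.UNTRUSTED_CONTENT in self.by_name[server_name].caps:
            self.tainted = True


# Constructed sample workspace: a brokerage connector, a web search tool and a messenger.
WORKSPACE = [
    McpServer("brokerage-portfolio", frozenset({Cap.PRIVATE_DATA})),
    McpServer("web-search", frozenset({Cap.UNTRUSTED_CONTENT})),
    McpServer("chat-messenger", frozenset({Cap.PRIVATE_DATA, Cap.EXTERNAL_COMM})),
]
```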