For some reason I missed that sentence trekking what "GPT Researcher "is, my bad.

I totally agree with what you said, and that confirms it’s not a vulnerability. Handing access to others comes with risks, and tools are not responsible for security measures. This is the job of virtualisation or things like LSM.

TBH this article looks like half AI slop to me. What’s “GPT researcher”? (edit: for some reason I missed the sentence explaining what it is, my had. My view doesn’t change anyway. )

Also, by their logic, a terminal can run “rm -rf /”, is this terminal vulnerable? Even more irony, in their report, they said GitHub is not vulnerable. Doesn’t this exactly mean it’s not the responsibility of MCP?

MCP is basically a protocol for payloads, it’s just like protobuf/JSON but for AI. Can we say MCP is vulnerable simply because it can carry malicious payloads?

Make a dumb EV and you immediately get a lot of clients.

An EV doesn’t need internet access, doesn’t need mics and cameras inside, doesn’t need a touchpad or a big screen.

I have a feeling this can’t be fixed unless they fork from a pre-slop point, which is highly unlikely.

The core problem with AI is not being incapable of generating working code, but the ability to maintain by AI or human.

AI has a larger memory (context size) than human. It can generate codes that are difficult for human to understand, and the complexity can build up fast, especially doing vibe coding without clear instructions (especially architectural).

On reaching a critical level, AI starts to make significantly more errors. At this point, no one can maintain, the codes are spaghetti. I think this is where Windows is at.

Remember what the maintainer of The Pirate Bay once said?

Never be too certain something won’t be enforced, as the power of capitalists are far worse than the public can imagine.

Maybe I’m too pessimistic, but this may just be the start. Big corps may find their way to control every aspect, step by step.