Security Boulevard

Attacking the MCP Trust Boundary

Every secure API draws a line between code and data. HTTP separates headers from bodies. SQL has prepared statements. Even email distinguishes the envelope from the message. The Model Context Protocol ...
InfoQ

Google ADK for Java 1.0 Introduces New App and Plugin Architecture, External Tools Support, and More

Google's Agent Development Kit for Java reached 1.0, introducing integrations with new external tools, a new app and plugin ...
GitHub

Boxsh: A sandboxed POSIX shell with concurrent JSON-line RPC mode

A sandboxed POSIX shell and MCP server, built on dash 0.5.12. boxsh works as a command-line shell and as an MCP (Model Context Protocol) server for AI agents. OS-native sandbox isolation is baked in — ...
GitHub

MCP Transport Firewall - Fail-Closed MCP Stdio Firewall

mcp-transport-firewall is a model-agnostic interception layer that sits between an MCP client and local or downstream tool servers. The primary security boundary is stdio. The runtime inspects ...