Brief

A developer has created Edgenote-AI, a tool designed to give large language models like Claude persistent memory for project context. This system functions as a shared knowledge base accessible via the Model Context Protocol (MCP), allowing both humans and AI to read and write information. Built on Cloudflare Workers, it offers a web UI for users and an MCP endpoint for LLMs, with plans to integrate advanced search capabilities. AI

A security audit of 35 Model Context Protocol (MCP) servers revealed widespread vulnerabilities, with 62% exhibiting issues. The most common problem was path traversal, allowing unauthorized file access, exacerbated by AI agents' potential manipulation through prompt injection. Other critical findings included shell metacharacters in configurations leading to remote code execution, exposed API keys in public repositories, and unpinned package dependencies that pose supply chain risks. AI

Researchers have developed a novel framework for detecting attacks within the tool-call traffic of Large Language Model (LLM) agents. This system represents agent sessions as graphs, incorporating sentence-embedding features from tool arguments and responses to classify traffic as benign or malicious. The study found that content-level features are crucial for effective detection, significantly outperforming metadata-only approaches, and highlighted a common evaluation pitfall that can inflate performance metrics. AI

A new tutorial repository, "MCP from Scratch," has been released, offering a step-by-step guide to understanding the Model Context Protocol (MCP). The project focuses on building an MCP server using plain Node.js and integrates local inference with GGUF models. It culminates in a custom agent loop that utilizes MCP tools, with an optional LangChain example provided. AI

AWS has launched its Model Context Protocol (MCP) server, providing AI coding agents with a secure and auditable method to interact with AWS services. This managed server allows agents to access APIs, documentation, and operational workflows via a standardized interface, avoiding the need to expose broad credentials. AI

FinContext has launched a new service that allows AI assistants like Claude and ChatGPT to securely access personal bank account data via Plaid. The service, built on the Model Context Protocol (MCP), aims to provide AI with real-time financial information for personalized advice. However, concerns are being raised about the security implications of granting AI agents access to sensitive financial data, with one article highlighting potential risks such as credential theft and unauthorized money movement, while another warns of broader governance and auditing challenges as MCP adoption grows. AI

The NSA has released a security playbook for AI-driven automation using the Model Context Protocol (MCP), outlining four key requirements for production deployments. These include cryptographically signing MCP messages, establishing verifiable cryptographic identities for agents, implementing structured and tamper-evident audit logging, and tracking MCP-specific vulnerabilities. The article highlights that specifications and implementations for these requirements, such as MCPS for message signing and ATTP for trust transport, already exist and predate the NSA's notice. AI

The Model Context Protocol (MCP) has updated its authorization flow to align with RFC 9207, enhancing security against OAuth mix-up attacks. This change mandates that authorization servers include an `iss` parameter in their responses, which clients must then validate against the originally recorded issuer. This structural defense prevents attackers from tricking clients into using authorization codes with the wrong identity provider, a vulnerability that previous session-based methods could not fully address. AI

GitHub Copilot can now manage local Azure development environments through the Model Context Protocol (MCP). This protocol allows Copilot to interact with tools and receive structured data, enabling it to provision resources like Key Vaults and Service Bus namespaces. The MCP server, developed by Topaz, facilitates this by acting as an intermediary between Copilot and local Azure emulators, with specific Docker networking configurations required for seamless operation. AI

Freshworks has integrated an MCP Gateway into its Freshservice ITSM platform, aiming to solve the problem of AI agents lacking access to live enterprise data. This new gateway allows AI agents to pull information from various systems like Workday and ClickUp without custom integration code, enabling more efficient workflows. The company is also launching Freddy AI Agent Studio, a no-code environment for building these agents, and introducing AI Insights with Experience Level Agreements (xLAs) to measure employee satisfaction rather than just ticket resolution times. AI

A new book titled "From Problems to Patterns: Generative AI in .Net (C#)" aims to equip .NET developers with the skills to build and deploy production-ready AI solutions. It focuses on the Microsoft AI stack, including Microsoft.Extensions.AI, Microsoft.Agents.AI, and Model Context Protocol, offering practical guidance and 37 runnable code examples. The book covers essential topics like multi-provider routing, robust RAG pipelines, maintainable autonomous agents, and secure deployment of AI tools. AI

The Model Context Protocol (MCP) allows Claude Desktop to interact with local and remote data sources. Three specific MCP servers are highlighted for daily use: a filesystem server for reading project files, a GitHub server for code reviews and repository browsing, and a PostgreSQL server for direct database queries. Setting up these servers is a quick process involving installation via the `mcp-hub` CLI and a configuration restart of Claude Desktop, though users are cautioned about the filesystem server's potential access. AI

A new command-line tool called `agmcp` has been developed to simplify the management of Model Context Protocol (MCP) server configurations. This Go-based utility allows users to safely add, remove, and list MCP servers without manually editing complex JSON files, which can often lead to syntax errors and application crashes. `agmcp` is designed to be fast, lightweight, and cross-platform, aiming to reduce friction for developers experimenting with AI clients like Claude Desktop and Cursor. AI

Microsoft has released a public preview NuGet package for .NET 8+ that enhances the Model Context Protocol (MCP) with agent governance features. This package, Microsoft.AgentGovernance.Extensions.ModelContextProtocol, addresses security concerns by implementing checks during both server startup and tool invocation. It scans for potential vulnerabilities like prompt injection, typosquatting, and credential leakage, aiming to make AI applications more secure. AI

The Sovereign Vault system has been enhanced with an 'Auditor' component, transforming its AI from a general assistant into a specialized forensic expert. This Auditor synthesizes data from visual perception, archival metadata, and predefined rules to generate a verdict. A 'Guardian' pattern ensures human oversight for high-severity findings, acting as a mandatory governance gate before any final decision is made. The system's accuracy is further validated using an LLM-as-a-Judge framework against a golden dataset, and deterministic circuit-breakers ensure reliability by enforcing agreement between the AI's logic and critical indicators. AI

Claude can now integrate with external tools through Model Context Protocol (MCP) custom connectors, enabling it to search for and retrieve SVG icons directly within a development workflow. This integration, demonstrated with SVGIcons.com, allows developers to request icons via prompts to Claude, streamlining the process of finding and implementing visual assets. The feature, which requires a SVGIcons PRO account, aims to reduce context switching and accelerate the development cycle by making icon discovery an AI-assisted task. AI

The Model Context Protocol (MCP) is experiencing rapid growth, with over 13,000 servers on npm and GitHub as of May 2026. Monthly SDK downloads have surged to 97 million, a threefold increase in six months, and new server registrations are up 400% year-over-year. MCP is evolving into a standard for granting AI models access to various tools like databases and file systems, though discovering specific MCP servers remains a challenge. To address this, a new tool, `mcp-hub`, has been developed to simplify server discovery and installation. AI

Microsoft has introduced a new composable AI stack for .NET developers, aiming to simplify the integration of AI features into applications. This stack includes modular components like Microsoft.Extensions.AI, DataIngestion, and VectorData, which provide stable abstractions over AI models, data pipelines, and vector stores. The new framework is demonstrated through ConferencePulse, an AI-powered conference app that leverages these components for features like live polling, intelligent Q&A, and data summarization. AI

Replit has introduced the Model Context Protocol (MCP), a new standard designed to enable AI models to connect with external data sources and tools. This protocol acts as a universal connector, allowing AI models to access information and perform actions beyond their initial training data, similar to how USB-C enables diverse devices to connect. MCP utilizes a client-server architecture, with clients initiating requests, a communication layer defining the protocol, and servers providing access to resources like databases, web services, and files. This standardization aims to simplify integration, allow for easier switching between AI providers, and enhance security for AI applications. AI