Video wird geladen...

Video konnte nicht geladen werden

Beim Laden dieses Videos ist ein Problem aufgetreten. Dies könnte an einem vorübergehenden Netzwerkproblem liegen oder das Video ist möglicherweise nicht verfügbar.

🚨 Security Advisory: Anthropic's Slack MCP Server leaks data via link unfurling ☠️ See a demo exploit with Claude Code connected to the MCP server, and how a prompt injection attack can leak developer secrets. Watch and learn!

Johann Rehberger

9,880 subscribers

20,460 Aufrufe • vor 1 Jahr •via X (Twitter)

Anya Rossi• Live Now

Private livecam show

7 Kommentare

Profilbild von Johann Rehberger

Johann Rehbergervor 1 Jahr

🛠️ No patch coming! Server is now deprecated and not maintained anymore - but it appears still widely used. MCP ecosystem is extremely immature. If you are using, or hosting the server, read the details and take necessary precautions:

Profilbild von Embedded Nature

Embedded Naturevor 1 Jahr

Is this the official slack MCP? You should try this with the cursor slack integration(Background Agent). Its technically a slack app , but maybe your script will expose the same vulnerability.

Profilbild von Johann Rehberger

Johann Rehbergervor 1 Jahr

This is Anthropic's Slack MCP server. It was deprecated two days after I reported the issue, but it can still be downloaded via npm. Over 14k downloads last week. Yeah, it's a quite common bug - seen it in most LLM Slackbots and other messaging bots, so good to raise awareness.

Profilbild von Luca Beurer-Kellner

Luca Beurer-Kellnervor 1 Jahr

Really nice exploit. Does the C file contain hidden instructions or the .env file? Link unfurling was also the key to our CTF challenge from last summer:

Profilbild von Johann Rehberger

Johann Rehbergervor 1 Jahr

fyi - more lethal trifecta. this time via link unfurling. blog has details

Profilbild von Himanshu Kumar

Himanshu Kumarvor 1 Jahr

Unfurled links can leak sensitive data. Be careful.

Profilbild von Johann Rehberger

Johann Rehbergervor 1 Jahr

Yes, the general threat applies to any AI agent that posts to a messaging app. I described this behavior here and also looked at most common messaging apps to see what they do with links

Ähnliche Videos

Great demo from the Slack platform team on how the Slack MCP server can be used from Claude! See it at Dreamforce! ❤️🤖

Great demo from the Slack platform team on how the Slack MCP server can be used from Claude! See it at Dreamforce! ❤️🤖

Marc Benioff

28,722 Aufrufe • vor 8 Monaten

You can now clone any website just by writing a prompt. Simply add the Firecrawl MCP server to your favorite AI coding tool for improved web data extraction, and let Claude code it for you. Here’s how:

You can now clone any website just by writing a prompt. Simply add the Firecrawl MCP server to your favorite AI coding tool for improved web data extraction, and let Claude code it for you. Here’s how:

Alvaro Cintas

83,031 Aufrufe • vor 11 Monaten

You can now clone any website just by writing a prompt. Simply add the new Firecrawl MCP server to your favorite AI coding tool for improved web data extraction, and let Claude code it for you. Here’s how:

You can now clone any website just by writing a prompt. Simply add the new Firecrawl MCP server to your favorite AI coding tool for improved web data extraction, and let Claude code it for you. Here’s how:

Alvaro Cintas

539,611 Aufrufe • vor 1 Jahr

New course: MCP: Build Rich-Context AI Apps with Anthropic. Learn to build AI apps that access tools, data, and prompts using the Model Context Protocol in this short course, created in partnership with Anthropic Anthropic and taught by Elie Schoppik Elie Schoppik, its Head of Technical Education. Connecting AI applications to external systems that bring rich context to LLM-based applications has often meant writing custom integrations for each use case. MCP is an open protocol that standardizes how LLMs access tools, data, and prompts from external sources, and simplifies how you provide context to your LLM-based applications. For example, you can provide context via third-party tools that let your LLM make API calls to search the web, access data from local docs, retrieve code from a GitHub repo, and so on. MCP, developed by Anthropic, is based on a client-server architecture that defines the communication details between an MCP client, hosted inside the AI application, and an MCP server that exposes tools, resources, and prompt templates. The server can be a subprocess launched by the client that runs locally or an independent process running remotely. In this hands-on course, you'll learn the core architecture behind MCP. You’ll create an MCP-compatible chatbot, build and deploy an MCP server, and connect the chatbot to your MCP server and other open-source servers. Here’s what you’ll do: - Understand why MCP makes AI development less fragmented and standardizes connections between AI applications and external data sources - Learn the core components of the client-server architecture of MCP and the underlying communication mechanism - Build a chatbot with custom tools for searching academic papers, and transform it into an MCP-compatible application - Build a local MCP server that exposes tools, resources, and prompt templates using FastMCP, and test it using MCP Inspector - Create an MCP client inside your chatbot to dynamically connect to your server - Connect your chatbot to reference servers built by Anthropic’s MCP team, such as filesystem, which implements filesystem operations, and fetch, which extracts contents from the web as markdown - Configure Claude Desktop to connect to your server and others, and explore how it abstracts away the low-level logic of MCP clients - Deploy your MCP server remotely and test it with the Inspector or other MCP-compatible applications - Learn about the roadmap for future MCP development, such as multi-agent architecture, MCP registry API, server discovery, authorization, and authentication MCP is an exciting and important technology that lets you build rich-context AI applications that connect to a growing ecosystem of MCP servers, with minimal integration work. Please sign up here!

New course: MCP: Build Rich-Context AI Apps with Anthropic. Learn to build AI apps that access tools, data, and prompts using the Model Context Protocol in this short course, created in partnership with Anthropic Anthropic and taught by Elie Schoppik Elie Schoppik, its Head of Technical Education. Connecting AI applications to external systems that bring rich context to LLM-based applications has often meant writing custom integrations for each use case. MCP is an open protocol that standardizes how LLMs access tools, data, and prompts from external sources, and simplifies how you provide context to your LLM-based applications. For example, you can provide context via third-party tools that let your LLM make API calls to search the web, access data from local docs, retrieve code from a GitHub repo, and so on. MCP, developed by Anthropic, is based on a client-server architecture that defines the communication details between an MCP client, hosted inside the AI application, and an MCP server that exposes tools, resources, and prompt templates. The server can be a subprocess launched by the client that runs locally or an independent process running remotely. In this hands-on course, you'll learn the core architecture behind MCP. You’ll create an MCP-compatible chatbot, build and deploy an MCP server, and connect the chatbot to your MCP server and other open-source servers. Here’s what you’ll do: - Understand why MCP makes AI development less fragmented and standardizes connections between AI applications and external data sources - Learn the core components of the client-server architecture of MCP and the underlying communication mechanism - Build a chatbot with custom tools for searching academic papers, and transform it into an MCP-compatible application - Build a local MCP server that exposes tools, resources, and prompt templates using FastMCP, and test it using MCP Inspector - Create an MCP client inside your chatbot to dynamically connect to your server - Connect your chatbot to reference servers built by Anthropic’s MCP team, such as filesystem, which implements filesystem operations, and fetch, which extracts contents from the web as markdown - Configure Claude Desktop to connect to your server and others, and explore how it abstracts away the low-level logic of MCP clients - Deploy your MCP server remotely and test it with the Inspector or other MCP-compatible applications - Learn about the roadmap for future MCP development, such as multi-agent architecture, MCP registry API, server discovery, authorization, and authentication MCP is an exciting and important technology that lets you build rich-context AI applications that connect to a growing ecosystem of MCP servers, with minimal integration work. Please sign up here!

Andrew Ng

141,952 Aufrufe • vor 1 Jahr

MCP meets Ollama! In this video you'll learn how build a 100% local MCP client that you can connect to any MCP server. 100% open-source code, step-by-step guide:

MCP meets Ollama! In this video you'll learn how build a 100% local MCP client that you can connect to any MCP server. 100% open-source code, step-by-step guide:

Akshay 🚀

92,245 Aufrufe • vor 1 Jahr

Here's how you can create any MCP server you want, just by using Claude Code.

Here's how you can create any MCP server you want, just by using Claude Code.

Pietro Schirano

81,132 Aufrufe • vor 1 Jahr

Here's how to build an MCP server with a single TypeScript file, and connect it to Claude Code. No build step. No bullshit. Totally transformative.

Here's how to build an MCP server with a single TypeScript file, and connect it to Claude Code. No build step. No bullshit. Totally transformative.

Matt Pocock

254,095 Aufrufe • vor 1 Jahr

Your dev experience now has full MCP support Use the the Shopify Dev MCP server to set up, code, and validate your app Demo with Darius Gai

Your dev experience now has full MCP support Use the the Shopify Dev MCP server to set up, code, and validate your app Demo with Darius Gai

Shopify Developers

23,238 Aufrufe • vor 6 Monaten

Somebody hooked up Claude Code to pair program with o3 and Gemini 2.5 via MCP for an all-star coding lineup 🤯 - Claude controls the work - Can call out to Gemini and o3 for tasks and input - Works around MCP limit by using prompt files Check out Zen MCP (link below)

Somebody hooked up Claude Code to pair program with o3 and Gemini 2.5 via MCP for an all-star coding lineup 🤯 - Claude controls the work - Can call out to Gemini and o3 for tasks and input - Works around MCP limit by using prompt files Check out Zen MCP (link below)

Ian Nuttall

216,492 Aufrufe • vor 1 Jahr

Here is how you can build an MCP server with I built an MCP server that can send emails with Resend in < 1 min. Didn't need to write any code.

Here is how you can build an MCP server with I built an MCP server that can send emails with Resend in < 1 min. Didn't need to write any code.

Bhanu Teja P

20,595 Aufrufe • vor 1 Jahr

You can now install the Supabase MCP server on Claude web and desktop!

You can now install the Supabase MCP server on Claude web and desktop!

Tyler Shukert

60,361 Aufrufe • vor 4 Monaten

Prompt-to-MCP Server in less than 10 minutes. With Launch 2, Memex is now “like Claude Code and Claude Desktop rolled into one, with support for both Anthropic and Gemini models”. 1/10

Prompt-to-MCP Server in less than 10 minutes. With Launch 2, Memex is now “like Claude Code and Claude Desktop rolled into one, with support for both Anthropic and Gemini models”. 1/10

Workshop AI

289,007 Aufrufe • vor 1 Jahr

I've been waiting for this. The Unified MCP is here! Rube is a universal MCP server to connect your AI agents to all *your* apps. Works with your favorite IDE, Claude Code, and other MCP clients. Watch it research YouTube vids → generate a full content strategy doc. Insane!

I've been waiting for this. The Unified MCP is here! Rube is a universal MCP server to connect your AI agents to all your apps. Works with your favorite IDE, Claude Code, and other MCP clients. Watch it research YouTube vids → generate a full content strategy doc. Insane!

elvis

62,262 Aufrufe • vor 10 Monaten

You can connect your Supabase database via MCP server to Cursor! The Cursor agent can get the schema and any data from your database through the official Postgres MCP server! This helps Cursor understand your database better when it needs to modify it to add a new feature!

You can connect your Supabase database via MCP server to Cursor! The Cursor agent can get the schema and any data from your database through the official Postgres MCP server! This helps Cursor understand your database better when it needs to modify it to add a new feature!

Tyler Shukert

203,451 Aufrufe • vor 1 Jahr

Ready to get started with @Antigravity? You can connect the Firebase MCP server to take your app development to the next level 🚀 Learn how to add Firebase MCP to Antigravity, link your current project, and start building →

Ready to get started with @Antigravity? You can connect the Firebase MCP server to take your app development to the next level 🚀 Learn how to add Firebase MCP to Antigravity, link your current project, and start building →

Firebase

90,985 Aufrufe • vor 7 Monaten

The Linear MCP server has been upgraded with new product management capabilities. See them in action in Claude Code:

The Linear MCP server has been upgraded with new product management capabilities. See them in action in Claude Code:

Linear

169,776 Aufrufe • vor 4 Monaten

Unreal Engine 5.8 ships today with experimental MCP server support: Your sources, your pipeline and your workflow—simply configure the MCP plugin and connect to any agent. Get familiar with the MCP server and the PCG Primitive Plugin today and see what teams can build together:

Unreal Engine 5.8 ships today with experimental MCP server support: Your sources, your pipeline and your workflow—simply configure the MCP plugin and connect to any agent. Get familiar with the MCP server and the PCG Primitive Plugin today and see what teams can build together:

Unreal Engine

2,964,556 Aufrufe • vor 8 Tagen

Leverage the Dart MCP Server to enhance your Dart and Flutter development experience 💻✨ In this blog, explore useful tools provided by the Dart MCP Server and learn how to configure the server for use in popular development environments and tools →

Leverage the Dart MCP Server to enhance your Dart and Flutter development experience 💻✨ In this blog, explore useful tools provided by the Dart MCP Server and learn how to configure the server for use in popular development environments and tools →

Flutter

18,878 Aufrufe • vor 11 Monaten

Introducing: Akash MCP Server Create a deployment on the Akash Supercloud directly from any MCP client — including Claude and Cursor.

Introducing: Akash MCP Server Create a deployment on the Akash Supercloud directly from any MCP client — including Claude and Cursor.

Akash Network

29,333 Aufrufe • vor 1 Jahr

Excited to demo our recent integration with Hedera HCS-10 and Moonscape 🟧🟪, enabling Hedera AI agents to buy SkyX weather data via their MCP server with just a wallet and some USDC

Excited to demo our recent integration with Hedera HCS-10 and Moonscape 🟧🟪, enabling Hedera AI agents to buy SkyX weather data via their MCP server with just a wallet and some USDC

Neuron

20,382 Aufrufe • vor 1 Jahr