3 Red Flags Your MCP Server Is Stealing SSH Keys #Shorts

Your Claude Desktop MCP server might be stealing your SSH keys right now.

New research dropped this week: malicious MCP servers are hiding exfiltration code inside tool descriptions. 2.1% of LLM routers are already compromised. The 3 red flags to check before installing any community server: tool descriptions requesting access outside their stated purpose (weather tool asking for ~/.ssh?), hidden instructions wrapped in XML tags telling Claude to POST data to external URLs, and brand-new repos with zero stars and no audit.

Open claude_desktop_config.json tonight and audit every server. Save this so you have the checklist handy, and follow for daily Claude security tips.

📋 Step-by-step instructions:
1. Open Claude Desktop and go to Settings, then Developer
2. Click Edit Config to open claude_desktop_config.json
3. Review each MCP server entry under mcpServers
4. Visit the GitHub repo for each server and check stars, last commit, and issues
5. Open the server source code and search tool descriptions for suspicious strings like 'ssh', 'env', 'credentials', or hidden XML tags
6. Check for any fetch or HTTP calls to external URLs inside tool handlers
7. Remove any server that fails these checks and restart Claude Desktop
8. Only reinstall servers from verified publishers or with recent security audits

#claudedesktop #anthropic #aitools #aitips #claudeai #mcp #mcpservers #aisecurity #cybersecurity #promptinjection #llmsecurity #aiagents #devtools #infosec #aidevelopers #claudecode #techtips #softwareengineering #aiprivacy #supplychainsecurity

Видео 3 Red Flags Your MCP Server Is Stealing SSH Keys #Shorts канала Claude Hacks