Categories
May 20, 2026
MCP access governance starts with RBAC
Hand-written Cedar policies won’t scale past a handful of MCP servers. Here’s how Stacklok Enterprise brings RBAC to ToolHive and what it looks like in practice.
May 13, 2026
Optimizing multi-MCP workflows
Managing dozens of MCP servers at scale creates real costs. Learn how a layered gateway, optimizer, and composite tools keep complexity under control.
May 05, 2026
How to evaluate MCP runtimes against the OWASP Top 10
The OWASP MCP Top 10 reads like ten distinct problems, and most coverage treats them that way: ten boxes to check, ten features to ship. Token mismanagement, tool poisoning, and …
May 04, 2026
Shadow MCP: the AI governance problem hiding in plain sight
Most enterprises believe they have a handle on their MCP deployments. They’re usually wrong, and often by an order of magnitude. Here’s what you’ll learn in this post: The number …
April 02, 2026
Tool annotations are becoming the risk vocabulary for agentic systems. That matters more than it might seem.
The MCP community dropped an update a couple weeks ago that I have been thinking about quite a bit: https://blog.modelcontextprotocol.io/posts/2026-03-16-tool-annotations/. It is an update on the state of tool annotations. …
March 16, 2026
Your AI agent doesn’t deserve root access
The power of coding agents is inseparable from risk. The question isn’t whether something will go wrong; it’s how far the damage can travel when it does. Here’s what you’ll …