The ecosystem is still very immature, and there is a lot of hype and unwarranted FOMO.
Here is a security advisory for a popular Slack MCP server from Anthropic to highlight this: https://embracethered.com/blog/posts/2025/security-advisory-...
The fix was to deprecate the source code. But it's still up on npm with 10k+ downloads every week.
No CVE issued.