(blogs.cisco.com)

166 points rldjbpin | 1 comments | 03 Sep 25 08:18 UTC | HN request time: 0s | source

Show context

deadbabe ◴[03 Sep 25 10:06 UTC] No.45114029[source]▶

The stakes aren’t that high yet for Ollama to warrant cumbersome auth mechanisms.

reilly3000 ◴[03 Sep 25 10:41 UTC] No.45114224[source]▶

If any MCP servers are running, anyone with access to query the chat endpoint can use them. That could include file system access, GitHub tokens and more.

replies(3): >>45114274 #>>45114972 #>>45115474 #

1. stoneyhrm1 ◴[03 Sep 25 12:35 UTC] No.45114972[source]▶

>>45114224 #

The LLM endpoint via ollama or huggingface is not the one executing MCP tool calls, that is on behalf of the client that is interacting with the LLM. All the LLM does is take input as a prompt and produce a text output, that's it. Anything else is just a wrapper.

↑

Finding thousands of exposed Ollama instances using Shodan