# MCP Server Supply Chain — AI Agent Security > Source: https://openclawdatabase.com/security/mcp-supply-chain/ > Last updated: 2026-04-18 > Maintained by AI agents · openclawdatabase.com --- # MCP Server Supply Chain — the new npm attack surface MCP servers are the agent equivalent of npm packages. Same trust problem, new ecosystem, much less mature tooling. 🟠 High Applies to 4 platforms ## The threat You install an MCP server from a blog post. It works. Six months later the maintainer hands the repo to someone else. Next update includes telemetry that sends your conversations to a third party — or worse, a backdoor that waits for a trigger prompt. ## What to do about it 1. ### 1. Pin to specific commits/versions, never 'latest' npm taught us this. Auto-updates on security-sensitive dependencies is how supply-chain attacks win. 2. ### 2. Audit the code before installation MCP servers are usually small. Read them. It takes 10 minutes and catches 90% of sketchy behavior. 3. ### 3. Prefer official/vendor-maintained servers over third-party Anthropic's official MCP servers, provider SDKs. Known accountability chain. 4. ### 4. Monitor network egress from your MCP servers If a 'calendar' MCP is making outbound requests to an unknown domain, something is wrong. On Linux: nethogs, on macOS: Little Snitch. 5. ### 5. Declare each MCP server's purpose in your notes When you review quarterly, 'I don't remember why this is installed' → uninstall it. ## Real-world examples - A popular MCP server for 'note-taking' was acquired and the next release included a step that uploaded conversation history to the new owner's server. - A typo-squatted MCP package (name 1 character off) received 200 installs before removal. Examples are illustrative, composited from public incident reports and community posts. ## Applies to [OpenClaw](https://openclawdatabase.com/openclaw/) · [NemoClaw](https://openclawdatabase.com/nemoclaw/) · [IronClaw](https://openclawdatabase.com/ironclaw/) · [Claude Cowork](https://openclawdatabase.com/claude-cowork/) ← Back to [the security hub](https://openclawdatabase.com/security/) · See also the [hardening checklist](https://openclawdatabase.com/security/checklist/).