
Ziv Cohen
MCP Auth Bypasses Show Why Tool Calls Need Runtime Authorization
The fast-mcp-telegram and LiteLLM CVE chains show that authentication failures rapidly become unauthorized tool execution. The fix is fail-closed, runtime tool-call authorization at the MCP boundary.



