From the course: Unboxing AI: Build a Remote MCP Server from Zero to Deployed with OAuth

Safety concerns and safe usage of MCP

- [Instructor] MCP is an open protocol. An open protocol is something similar to USB or HTTP, meaning you and I and everyone else can build our own MCP servers and MCP clients to do whatever we want. It's sort of like a road. You have a road, and you can do whatever you want on it. If you do safe things, then you'll be safe and the people around you will be safe. If you do dangerous things, the people around you will not be safe, and neither will you. And there's really no way of knowing, when you are on the road, whether other people on the road are also behaving in a safe way. It's the same as with the web, right? There are websites on the web that are safe and there are websites on the web that are not safe. And over time, we've built systems to ensure that people are able to access safe websites and are protected from not-so-safe websites. But HTTP is 35 years old. MCP is eight months old. And the road, the USB interfaces, are currently being built as I'm talking, with changes shipping literally every day. So what is possible has yet to be determined. And how we do this in a safe and responsible way is still up for debate. In some respects, MCP is like the USB dead drops. This is an art project that was started about 15 years ago, where an artist started embedding USB drives in walls around the world. And then people could take their computers and go plug the computer into the USB drives and see what happened. There was one close to where I live, and I remember taking a Raspberry Pi, a little computer that runs off a memory chip, so it doesn't matter if something goes wrong. And I plugged it into one of these things to see what was on it. And there was some really interesting stuff on there. There was art, there was also plenty of viruses and malware, and there were some less great things on there, because it's a publicly available thing that you plug into. And for all the promise of MCP, this picture here is unfortunately a good illustration of what MCP can be.
I'm not saying all MCP servers are on a USB drive in a wall somewhere that anyone has access to. I'm saying right now, today, there is no official secure way of installing MCP servers where you are 100% safe from what the MCP server is doing, unless you use MCP servers that are built into your services. I'll give you a couple of examples. So if you're using ChatGPT, you go to Settings, and then you go to Connectors, and you'll see there is a list of available connections. These are the features that you can bring into ChatGPT. So here we have Box, Canva, Dropbox, GitHub, Gmail, HubSpot, and some others. These are MCP servers that are supported in ChatGPT. And you'll notice that these are the only MCP servers that are supported in ChatGPT currently. You can't plug anything else in. If you're on an enterprise account, you actually can build custom connections, meaning custom MCPs that you plug in. But for us average, normal people who are using normal ChatGPT, as of right now, you can't plug in MCPs directly. Claude, on the other hand, allows you to bolt new MCP servers on if you want to. You go down to the tool here, and you can see there's already a series of connectors that are shipped inside Claude desktop. We have Drive, Gmail, Google Calendar. You can then click on Add connectors, and you get a list of all the available connectors that are offered by Claude and Anthropic, meaning these are connectors or MCP servers that Claude and Anthropic have vetted, and it's been determined that these are safe to use-ish, and therefore we can use them. You can also install your own. So you can go to Manage connectors and browse connectors on the web. You can add a custom connector by URL, so if someone is hosting an MCP server somewhere, you can just plug in the URL here and run it. And if you're a developer, you can also go to Claude's settings and then go to, let's see, where is that?
So if I go to Claude settings here and go to Developer, I can go down to Edit config and open the configuration file in a code editor, and then I can plug in MCP servers manually. I can then run those MCP servers locally on my computer. Or I can find ones that are hosted on GitHub or NPM or somewhere else, or I can plug in to any other ones that exist. So you have options, and you can see how there's a normal user-level option, which is the safe, vetted ones. And then there are the slightly more advanced options. And then there are the developer-centered ones, because once you're in a code editor, you can also plug in MCP servers. Here, I'm in VS Code, and if I zoom in a little bit, you'll see at the bottom here inside my chat, I have these tools. Here, I can scroll down and see I have some different tools installed. We have Open-Meteo, which is the MCP server I built. There's also the Hue server. There's another weather server, which is just a different version of it. And then at the bottom it says Add More Tools, Add MCP Server. And if I go on here, I can then click Browse MCP Servers, which eventually brings up a website that has MCP servers for developers. This one is hosted by Visual Studio, which is Microsoft. So this is another marketplace for MCP servers, and there are plenty more. So there are places you can go where you can find MCP servers. When you go through servers like this, they are coming from the original vendor. Someone has looked at them to make sure they're doing what they want. If you go on GitHub or just randomly find one yourself, it's more along the lines of plugging your computer into a USB stick that's sticking out of a wall somewhere. It might be really cool, it might be super helpful, it might also be not so great. And in all of this, you also have to remember that all these MCP servers are controlled by your AI, not you.
So when you use them, the AI may decide to do something surprising that you didn't intend, and you have to account for that because you're giving your AI tool permission to do things and you have to consider the possibility that the AI might not do what you want all the time, which is a really interesting challenge. But you know, that is what we get when we play around with new technology. Sometimes things don't work exactly as we expect, and that is part of new technology.
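Added example (not part of the course, and not one of the instructor's demo servers): a small Python audit of the kind of manually edited MCP config the instructor describes. It assumes the shape Claude Desktop uses in claude_desktop_config.json for local servers, an "mcpServers" map whose entries carry command, args and env, and reports what each entry will execute on your machine, which package runners fetch code at launch time, which npm package specs are unpinned, and which secrets sit in the file as plaintext environment variables. The sample config, server names and package names are constructed for the example.

```python
"""Audit an MCP client config's "mcpServers" entries before trusting them.

Added example, not from the course. Assumes the config shape Claude Desktop
uses in claude_desktop_config.json for local (stdio) servers:
  {"mcpServers": {"<name>": {"command": ..., "args": [...], "env": {...}}}}
Every entry is a command the client launches with your user's privileges.
"""
import json
import re
from typing import Dict, List

# Constructed sample config; the server names and packages are made up.
SAMPLE_CONFIG = """
{
  "mcpServers": {
    "weather": {
      "command": "npx",
      "args": ["-y", "example-weather-mcp@1.2.0"]
    },
    "hue": {
      "command": "npx",
      "args": ["-y", "example-hue-mcp"],
      "env": {"HUE_BRIDGE_TOKEN": "constructed-token-value"}
    },
    "local-tools": {
      "command": "python",
      "args": ["/home/me/mcp/server.py"]
    }
  }
}
"""

# Runners that download and execute a package when the client starts the server.
PACKAGE_RUNNERS = {"npx", "uvx", "pipx"}
# Env keys that usually hold credentials the server process will receive.
SECRET_KEY_RE = re.compile(r"TOKEN|KEY|SECRET|PASSWORD", re.IGNORECASE)


def npm_spec_is_pinned(spec: str) -> bool:
    """True if an npm package spec names an explicit version (name@version).

    A leading '@' marks a scope (@scope/name), not a version, so skip it.
    """
    body = spec[1:] if spec.startswith("@") else spec
    return "@" in body


def audit_server(entry: dict) -> List[str]:
    """Return human-readable findings for one mcpServers entry."""
    command = entry.get("command", "")
    args = list(entry.get("args", []))
    findings = [f"launches: {' '.join([command, *args])}"]

    if command in PACKAGE_RUNNERS:
        findings.append("fetches and runs a package at launch time")
        if command == "npx":
            # The first non-flag argument is the package spec npx resolves.
            specs = [a for a in args if not a.startswith("-")]
            if specs and not npm_spec_is_pinned(specs[0]):
                findings.append(f"unpinned package: {specs[0]}")

    # Env values are handed to the server process; anything here is plaintext on disk.
    for key in entry.get("env", {}):
        if SECRET_KEY_RE.search(key):
            findings.append(f"secret in plaintext config: {key}")
    return findings


def audit_config(config_text: str) -> Dict[str, List[str]]:
    """Map each configured server name to its list of findings."""
    cfg = json.loads(config_text)
    servers = cfg.get("mcpServers", {})
    return {name: audit_server(entry) for name, entry in servers.items()}


if __name__ == "__main__":
    for name, findings in audit_config(SAMPLE_CONFIG).items():
        print(name)
        for line in findings:
            print("  -", line)
```

To run it against a real installation, read the contents of your own claude_desktop_config.json (or any client config with the same "mcpServers" shape) and pass that text to audit_config instead of SAMPLE_CONFIG. The output is the list of commands the client will run on your behalf, which is the thing to review before treating a server found on GitHub or npm as more than a USB stick in a wall.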
