Gig’MCP

Engineering notes

On MCP security: sandboxing, credential injection, egress control, and the design of a security-first gateway.

  • June 7, 2026

    Gig'MCP vs Composio: self-hosted security vs hosted convenience

    Two very different answers to the same problem: how do you give AI agents access to hundreds of tools without scattering API keys everywhere? A fair comparison of Composio's hosted connector platform and Gig'MCP's sandboxed, self-hosted gateway.

  • June 7, 2026

    How Gig'MCP keeps API keys out of MCP servers entirely

    Placeholder tokens, an envelope-encrypted vault, and a MITM egress proxy that injects real credentials only on HTTPS calls to allowlisted domains. A technical walkthrough of credential injection at the network boundary.

  • June 7, 2026

    Why MCP servers are a security risk (and what kernel sandboxing fixes)

    Every MCP server you install runs with your raw API keys and unrestricted network access. Here's the threat model the ecosystem is ignoring, and how kernel-enforced sandboxing with bubblewrap, namespaces, and seccomp actually closes it.


Security-first, open-source MCP gateway.

Copyright © 2026 the Gig’MCP™ contributors. Licensed under AGPL-3.0.
