A new dataset on the public MCP package ecosystem: 973 packages on npm, 71% with a single maintainer, 25% with no linked...

A new dataset on the public MCP package ecosystem: 973 packages on npm, 71% with a single maintainer, 25% with no linked source repo, and 9 of 11 registries accepted malicious uploads in testing. The 2026 AI developer supply chain is starting to look like npm in 2014. https://go.aintelligencehub.com/ma-mcpdevelopersecurity2#AI #MCP #CyberSecurity #SupplyChain

Read Original

Related