AI Frankly

MCP 202: The Missing Control Layer Between Your Agents and Your Tools.Security researchers have a name for what's happening inside most enterprise AI deployments right now: NeighborJack.This episode breaks down what NeighborJack is, why vendors are racing to sell you MCP Security Gateways, and the four questions every operator should ask about any MCP server they're running.Full article: https://aifrankly.substack.com/p/someone-needs-to-sit-between-your-b31Watch on YouTube: https://youtu.be/TKiDj4vH4VcSubscribe free at aifrankly.substack.com.AI Frankly: Build the layer or buy the breach. This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit aifrankly.substack.com

Half a million lines of source code leaked. A federal court fight the same week. And the thing the internet actually remembered was an ASCII owl named Zornix.This episode covers what EP.15 and EP.16 didn't -- the cultural artifact that came out of the worst press week in Anthropic's history.Download the Python script (see all 18 buddies, free): https://tinyurl.com/zornixRead the full article: https://aifrankly.substack.com/p/the-week-anthropic-leaked-the-internetEP.15 -- Anthropic Did It Again: https://aifrankly.substack.com/p/anthropic-did-it-againEP.16 -- The Blueprints Are Public Now: https://aifrankly.substack.com/p/the-blueprints-are-public-now00:00 - Introduction: The Dissonance 03:00 - Timeline of the Leak 07:00 - The Mechanics of Minification 12:00 - The Discovery (30 Seconds) 16:00 - Unpacking KAIROS: The Autonomous Daemon 21:00 - Undercover Mode 26:00 - The Compaction Attack Vector 30:00 - The Bash Security Parser Differential 34:00 - The Axios NPM Supply Chain Collision 38:00 - Mitigation Protocols 42:00 - The Pentagon Lawsuit and Responsible Scaling 45:00 - The Verification Agent 48:00 - The Phenomenon of Zornix 50:00 - ConclusionSubscribe free on Substack: https://aifrankly.substack.com Apple Podcasts: https://podcasts.apple.com/us/podcast/ai-frankly/id1873177211 Spotify: https://open.spotify.com/show/6iEuQyxwLeUDsR67QleSTnAI Frankly: aifrankly.com This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit aifrankly.substack.com

Anthropic refused defense contract terms that would have allowed military use of Claude. A federal judge called the Pentagon's response classic First Amendment retaliation. Seven days later, the complete source architecture of Claude Code was permanently mirrored across GitHub.This is the full deep dive. 41 minutes covering the Pentagon lawsuit, Judge Rita Lin's ruling, KAIROS, Undercover Mode, the compaction attack vector, and what it means for enterprise IT practitioners right now.What we cover:- The Pentagon dispute and Judge Rita Lin's ruling- KAIROS -- the fully built autonomous daemon nobody announced- Undercover Mode and the irony at the center of the story- The compaction attack vector and context poisoning- The bash security parser differential- The Clean Room Clone and the IP legal paradox- The IPO stakes and what this means for enterprise trustWatch on YouTube: https://youtu.be/0L2isrk88y0Read the full article: https://open.substack.com/pub/aifrankly/p/the-blueprints-are-public-nowFind everything at aifrankly.com This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit aifrankly.substack.com

On March 31, 2026, an intern at a blockchain security firm checked the npm registry for the newest release of Claude Code. Within 30 seconds he found a 59.8MB source map file that should never have shipped to production. Inside: 512,000 lines of TypeScript, 1,900 files, and the complete architecture of one of the most important AI developer tools ever built.This is the full deep dive. 45 minutes covering the mechanics of how it happened, what the leaked source code actually revealed, and the concurrent Axios supply chain attack that hit the same morning.What we cover:How a single missing line in a config file exposed the entire codebaseKAIROS: the fully built autonomous daemon mode Anthropic never announcedThe Buddy virtual pet system and the hex-encoded duckUndercover Mode and the grand irony at the center of this storyThe Axios npm supply chain attack and who is actually at operational riskThe operator verdict: Watch, Act Now, AdoptWatch on YouTube: https://youtu.be/XGv8sW2NS0kRead the full article: https://open.substack.com/pub/aifrankly/p/anthropic-did-it-againFind everything at aifrankly.com This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit aifrankly.substack.com

Anthropic shipped six major products in March 2026. A federal lawsuit over autonomous weapons. And a quietly revised safety pledge with no hard stop. All in the same 30 days.In this episode we unpack the full operator picture -- what shipped, what it means for enterprise security, and what every IT practitioner needs to know before deploying any of it.In this episode:Claude Computer Use and the endpoint security risk nobody has filed a ticket for yetClaude Code Auto Mode and the shadow IT threat of ChannelsThe death of RAG pipelines with 1M context at standard pricingThe $100M partner network with the big four consulting firmsThe RSP revision that removed the hard stopThe Pentagon lawsuit and what it means for your vendor risk assessmentOperator Verdict: Adopt, Watch, Skip -- exactly what to do with each updateFind everything at aifrankly.com Watch on YouTube: https://youtu.be/19wv2Pqa0Eg Listen on Apple Podcasts and Spotify -- search AI Frankly This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit aifrankly.substack.com

Nobody hacked Anthropic. A misconfigured CMS left roughly 3,000 unpublished assets publicly accessible. One described a new model nobody was supposed to see yet. Cybersecurity stocks dropped billions in a single session. Not a breach. A config error.In this episode we unpack the full anatomy of the incident, what actually leaked, why Wall Street panicked, and what it means for every enterprise IT team managing content and documentation systems right now.In this episode:The anatomy of the CMS misconfigurationWhat leaked: Claude Mythos and the Capybara tierWhy cybersecurity stocks dropped billions in one sessionWhat Anthropic actually shipped in March 2026Claude Computer Use reaches general availabilityThe 15-minute rogue audit every IT team should run todayFind everything at aifrankly.com Subscribe free on Substack Watch on YouTube: https://youtu.be/4zheW7QJ4k4 Listen on Apple Podcasts and Spotify -- search AI Frankly This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit aifrankly.substack.com

MCP hit 30 CVEs in 60 days. 38 percent of public MCP servers had zero authentication. The protocol works. The governance layer doesn't exist yet.This episode covers the real threat model for MCP in production: three villains, five layers of defense, and a six-question self-audit you can run against any MCP server today.MCP didn't break your security model. It exposed that you didn't have one.Topics covered:- The incident that should have been an incident report- The Content Injector, the Supply Chain Attacker, and the Over-Helpful Agent- Five layers of defense: identity, supply chain, isolation, policy, and monitoring- The governance maturity model: Stage 0 through Stage 3- The six-question self-auditRead the full article: https://aifrankly.substack.com/p/mcp-201-the-governance-deficitFull MCP Security Series: https://aifrankly.com/mcp-securityAI Frankly: Are We Having Fun Yet! This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit aifrankly.substack.com

Bonus Episode - Season 1Anthropic didn't have a week. They had a product conference that nobody announced.This deep dive breaks down everything that shipped in March 2026, sorted by who it actually affects: everyday Claude users, developers building with Claude Code, and enterprise operators responsible for securing all of it.What we cover:Persistent memory and the governance nightmareSonnet 4.6 and the 1M token context windowWhy RAG pipelines are becoming obsoleteClaude in Chrome and the Cowork native host conflictThe /loop command and runaway agent scenariosClaude Code Channels and the Telegram attack vectorVoice mode and generating bad code fasterClaude Code Security grading its own homeworkCowork on Desktop and why the VM sandbox failsSuperpowers, Dispatch, and awesome-agent-skillsThe IT velocity gap that is now permanentThe memory test: ask Claude what it remembersFree resource mentioned in this episode: claudehq.app - no account requiredFull article: https://open.substack.com/pub/aifrankly/p/this-already-hit-production-yourAI Frankly: The memo your IT team didn't get. This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit aifrankly.substack.com

Here are the show notes:MCP 103: I Gave Claude Code Someone Else's Tools (Full Deep Dive) Season 1, Episode 11This week I wired three public MCP servers into Claude Code and gave it one sentence. It touched GitHub, n8n, and Notion without being asked which ones to use. No ticket filed. No audit trail.This episode covers the full lab report: what I connected, what Claude did without being told, and why the governance conversation is happening after the fact in most enterprises right now.Topics covered:GitHub MCP: read-only access and unprompted anomaly detectionn8n MCP: autonomous workflow chaining across three automationsNotion MCP: persistent memory that survives the conversation windowWhat happened when all three were connected simultaneouslyThe connectors panel moment: that list is your attack surfaceGlasses ON: enterprise governance gapGlasses OFF: the Minecraft PC Standard still appliesTry This Yourself: n8n, one test workflow, 30 minutesRead the full article: https://open.substack.com/pub/aifrankly/p/mcp-103-i-gave-claude-code-someoneWatch on YouTube: https://youtu.be/0idx_l2o5X0Settings:Title: MCP 103: I Gave Claude Code Someone Else's Tools (Full Deep Dive)Season 1, Episode 11, FullRSS toggle: ONSend via email: OFFNo paywallReady to upload the audio? This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit aifrankly.substack.com

Here are the show notes:MCP 101 was the spec. MCP 102 is the behavior.In this episode we go beyond the documentation. We cover what actually happens when you flip the switch and run MCP in a real project stack.The wireframe nobody asked for. The interaction texture shift. The difference between a tool you prompt and a system that can act.What we cover:The amnesia problem every AI user knows but hasn't namedResuming from state vs. starting from zeroThe three-tool stack: Anthropic MCP, Notion, and n8nWhy MCP doesn't give Claude memory, it gives structured access to your external memoryHow to try this yourself in 15-20 minutes on Claude Desktop or Claude CodeThe governance gap enterprise IT teams aren't ready forOperator Verdict: Adopt (Tinkerers) / Watch (Enterprise)Read the full article: https://open.substack.com/pub/aifrankly/p/mcp-102Listen on: Apple Podcasts: https://podcasts.apple.com/us/podcast/ai-frankly/id1873177211 Spotify: https://open.spotify.com/show/6iEuQyxwLeUDsR67QleSTn YouTube: https://youtube.com/@AIFranklyAI Frankly. Are we having fun yet? This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit aifrankly.substack.com

Everyone is making videos about MCP. Nobody is reading the actual documentation.This is the full 35-minute deep dive on the Model Context Protocol, grounded entirely in official Anthropic sources. What it is, what it isn't, and why Anthropic built it.What we cover:- The "USB-C port for AI" analogy (from Anthropic's own docs)- The N x M problem: 50 integrations down to 15- Host, Client, Server: the three roles- Resources, Prompts, Tools: the three capabilities- Why the protocol can't enforce security- Anthropic's real business motivation- How to spot MCP running in Claude Desktop right nowSources: Official Anthropic blog post, Model Context Protocol GitHub, modelcontextprotocol.io documentation. Nothing else.Operator Verdict: Adopt (Tinkerers) / Watch (Enterprise)Read the full article with links and sources:https://open.substack.com/pub/aifrankly/p/mcp-101AI Frankly. Are we having fun yet? This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit aifrankly.substack.com

The full deep dive podcast on the Goldman Sachs x Anthropic story.What we cover:The $285 billion software sell-off and what triggered it. What Goldman actually built with embedded Anthropic engineers. What "digital co-worker" and "constrain headcount growth" really mean for the person in the chair. The pressure cascade from boardroom to your desk. Why auditability beats raw intelligence in regulated industries. And a practical exercise you can try in 5 minutes.Read the full article: https://open.substack.com/pub/aifrankly/p/your-boss-just-saw-what-goldman-didWatch on YouTube: https://youtu.be/CEQ9YYkMuSMExecutive Producer: NotebookLMAI Frankly. Learn the tools before the tools learn your job. This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit aifrankly.substack.com

The full deep dive. Two parts, one episode.Part 1 explored the plumbing behind Visa's AI agents and why 4,700% bot traffic is the reason we can't have nice things yet. Part 2 asks the harder question: when AI agents start making decisions in the transaction chain, who owns the mistake?Read Part 1: https://open.substack.com/pub/aifrankly/p/the-plumbing-behind-the-hype-visasRead Part 2: https://open.substack.com/pub/aifrankly/p/the-plumbing-behind-the-hype-partWatch on YouTube: https://youtu.be/aX2fKpKmOEgRuntime: 33:47Executive Producer: NotebookLMAI Frankly: No hype. Just receipts. This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit aifrankly.substack.com

Your prompt is a suggestion. Your source is gospel. This week we break down the Clean Room Method, a 5-step framework to stop AI tools from leaking your personal information. Covering real-world use cases for sales reps, consultants, marketers, analysts, and founders. Plus the enterprise parallels from Disney, IBM, and Anthropic that prove this isn't new.Full article with copy/paste templates: https://open.substack.com/pub/aifrankly/p/the-clean-room-methodExecutive Producer: NotebookLMThe only podcast executive produced by an AI. This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit aifrankly.substack.com

Your local AI agent has system access, reads untrusted input, and can send data out. That's the Lethal Trifecta.In this episode we dissect a case study from early 2026 and introduce the 10-Minute Cage Check.Read the full article: [link to article post once live]Watch the promo: https://youtu.be/Qyed6tJvkqoAI Frankly: No hype. Just receipts.Executive Producer: NotebookLM This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit aifrankly.substack.com

What if your next RPG remembered everything?Not just this playthrough. Every playthrough. Every choice. Every betrayal. Across every game in the franchise.AI agent swarms are making persistent karma systems possible. The algorithm never forgets.In this episode:- Why current karma systems reset at the title screen- How AI agents can track behavior across games- The technical architecture of persistent consequence- What this means for the future of RPGsWatch on YouTube: https://youtu.be/RiDxe7G6pB4Executive Producer: NotebookLMAI Frankly: No hype. Just receipts. This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit aifrankly.substack.com

Who pays when your AI agent books the wrong flight?This episode combines two articles originally published on AI Frankly:Part 1: "The Plumbing Behind the Hype" (December 19, 2025)Part 2: "The Fifth Party Problem" (January 5, 2026)The short version: AI agents are making purchases, signing agreements, and taking actions on your behalf. When something goes wrong, nobody knows who's liable.In this episode:- The 4,700% bot traffic problem- Visa's five-layer verification system- Why the Fifth Party concept is aspirational, not operational- Protocol Wars: Visa vs Google vs Mastercard- Insurance as the real answer (AIUC, Munich Re, Armilla)- The KYA gap: Know Your Agent- Trust levels and what to watchRead the original articles:Part 1: https://aifrankly.substack.com/p/the-plumbing-behind-the-hypePart 2: https://aifrankly.substack.com/p/the-fifth-party-problemExecutive Producer: NotebookLMThe only podcast executive produced by an AI.AI Frankly: No hype. Just receipts.The tech works. The governance doesn't. Yet. This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit aifrankly.substack.com

The barrier isn't Python. It isn't hardware. It's the fear of breaking something that has a 30-second fix.In this episode:- The 3 Fake Fears (Daily Driver, Rabbit Hole, No Undo)- The 3 Realities (Your Safety Net)- The Minecraft PC Standard- Why Shadow IT is actually Distributed R&DRead the full article: https://aifrankly.substack.com/p/fear-is-fake-why-youre-still-notExecutive Producer: NotebookLM This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit aifrankly.substack.com

I repurposed my gaming rig into a local AI server with zero cloud dependency. In this deep dive, we break down why I stopped trusting managed AI services, how to set up LM Studio with Llama 3.1 8B, and how I built The Fetcher agent with FastMCP.Full written tutorial: https://aifrankly.substack.com/p/the-nuclear-optionAI Frankly: No hype. Just receipts. This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit aifrankly.substack.com