Posts
Posts by Andrea Menin
Field notes.
We audited 12K n8n templates: most have critical vulnerabilities
Static analysis on 12,750 n8n templates from n8n.io and GitHub. 716 expose pre-auth vulnerabilities. Six end-to-end demos: SSRF, SQL injection, RCE.
MCP security scan toolkit: scan, inspect, compliance check
MCP security scan, inspect, compliance check: three dashboard tools for shipping safer MCP servers. What each catches and how they fit a real workflow.
MCP rate limit: from DoS protection to per-tenant fairness
Per-IP isn't enough for an AI gateway. How to size your MCP rate limits for DoS, free-tier abuse, and per-tenant fairness, with worked examples.
AIronClaw Functions Catalog: pre-built gateway lambdas
A 14-recipe Lua lambda catalog for AI gateways: response shaping, request preprocessing, error normalization. One-click install on MCP or LLM proxies.
Production-ready n8n MCP servers need a gateway
n8n's MCP Server Trigger ships with a bearer token and per-workflow opt-in. Six months later you have ten endpoints, one token, and no idea who calls what.
MCP DLP at the gateway: six rules that bite in production
MCP tool responses join the LLM context as trusted tokens. A leaked API key or customer email becomes part of the prompt the model reads and logs.