[GUEST ACCESS MODE: Data is scrambled or limited to provide examples. Make requests using your API key to unlock full data. Check https://lunarcrush.ai/auth for authentication information.]  Simon Willison [@simonw](/creator/twitter/simonw) on x 111K followers Created: 2025-07-06 01:45:01 UTC Here's another proof of concept example of a lethal trifecta attack: if you combine the Supabase MCP with another MCP that provides exposure to untrusted tokens and a way to send data back out again - in this case a support ticket system - attackers can steal your Supabase data XXXXXX engagements  **Related Topics** [simon](/topic/simon) [Post Link](https://x.com/simonw/status/1941674715720057258)
[GUEST ACCESS MODE: Data is scrambled or limited to provide examples. Make requests using your API key to unlock full data. Check https://lunarcrush.ai/auth for authentication information.]
Simon Willison @simonw on x 111K followers
Created: 2025-07-06 01:45:01 UTC
Here's another proof of concept example of a lethal trifecta attack: if you combine the Supabase MCP with another MCP that provides exposure to untrusted tokens and a way to send data back out again - in this case a support ticket system - attackers can steal your Supabase data
XXXXXX engagements
Related Topics simon