'Powerful but dangerous' full MCP support beta for ChatGPT arrives

'Wow this is dangerous' says Django co-creator, while others call feature a 'game-changer'

Tim Anderson
Mon 15 Sep 2025 // 15:15 UTC

OpenAI has added a beta of Developer mode to ChatGPT, enabling full read and write support for MCP (Model Context Protocol) tools, though the documentation describes the feature as dangerous.

Developer community lead Edwin Arbus said that "in developer mode, developers can create connectors and use them in chat for write actions (not just search/fetch). Update Jira tickets, trigger Zapier workflows or combine connectors for complex automations." Limitations in the initial beta are that developer mode does not work in Team workspaces or in project chats.

Arbus demonstrated how the feature could link ChatGPT to Stripe so that the AI can raise invoices and send them in response to a prompt. There is a Confirm button before an action is taken but this can be disabled for a trusted MCP server by checking an option to "remember for this conversation."

The response from users is enthusiastic in principle. "Full MCP support is a game-changer for devs. Now, building integrations and automating workflows directly in chat is smoother than ever," said one. Other comments on X state that the feature is "much awaited", will make ChatGPT "10x more practically useful" and that it "changes the game for production workflows."

Some users have encountered bugs, either with connectors not working, or returning fictional information. One user connected ChatGPT to Atlassian's Jira issue tracking tool, asked it to summarize an issue, and reported that the tool was called, returned data, but that "GPT completely make up the summary, it's something completely different than in the Jira issue."

More serious problems are possible. The documentation states that the feature is "powerful but dangerous, and is intended for developers who understand how to safely configure and test connectors. When using developer mode, watch for prompt injections and other risks, model mistakes on write actions that could destroy data, and malicious MCPs that attempt to steal information."

ChatGPT developer mode comes with a security warning

ChatGPT is popular among mainstream users, not just developers, making it more likely that risks are not understood. "Wow this is dangerous," said Django co-creator and AI enthusiast Simon Willison. "It comes with plenty of warnings, but we all know how much attention people pay to those. I'm confident that the majority of people messing around with things like MCP still don't fully understand how prompt injection attacks work and why they are such a significant threat."

A comment on X described how the feature might be used to exfiltrate email data by sending the victim a calendar invite that includes an instruction to ChatGPT to search private emails and send the data to the attacker. This could be triggered by the user asking ChatGPT to "help prepare for their day by looking at their calendar."

Industry adoption of MCP is proceeding at speed, and vendors who do not support it risk being left behind, even though security concerns are a good reason for caution. "Calling out ChatGPT specifically here feels a bit unfair," said a user on Hacker News, observing that others have already shipped similar features. ®

