Spaces:
Running
🔥 let's improve the MCP course!
Hey MCP community!
The MCP course is now 5 months old and MCP is moving super fast, so it's time to improve and update the material. We've already started a general improvement of material with the the API changes. But we would love to hear how the community thinks we should improve it!
Let us know here if you want to see fixes, libraries or tools to cover, quizzes or exercises.
Time flies! I’m not sure if people would be interested in re-reading the whole course if we decide to update the content. Maybe adding additional chapters to explain what changed would work better. Adding exercises and quizzes is also a fun way to refresh their memory. @burtenshaw
@ImadSaddik That's a really nice suggestion! Noted. We can focus on new chapter over chapter updates?
Any suggestions for new topics you'd like to see?
@burtenshaw Hi Ben,
I went back and reviewed the course content to see if I could suggest anything. Honestly, the concepts are explained very well. Maybe we could add more real-world examples to give learners good reference projects.
I am not sure if you have seen the chrome devtools mcp project, it looks like an interesting project that might help frontend developers.
Also, Google recently introduced the Data Commons MCP Server with the aim of providing LLMs with up-to-date information from trusted sources.
We might also consider adding a chapter on security, if it’s not already covered. It could focus on best practices to stay safe, like verifying the source of the MCP server and only using trusted providers.
Let me know what you think and share with me your ideas if you have any.
Have a wonderful day,
Hi,
In Unit 1 -> MCP Clients -> Configure Access Token Permissions
Step 3. Select “Edit permissions” - is actually not available by default if not using a fine grained token to begin with - it would be nice if that was specified.
@burtenshaw hey Ben,
maybe a short discussion/unit on security vulnerabilities within MCP, and steps one can take to try and remedy some of them (e.g. be careful when using untrusted/unverified implementations of endpoints)? Some relevant examples:
I agree security with mcp is something that is very critical and I see many new solutions coming like the use of oauth bases systems. Also observibilty of mcp server is critical to track which tools were called with what inputs and what was the response as it would help in troubleshooting.
👍True, raising awareness for the the "trifecta"-vulnerabilities framework, could also be very fitting here
@burtenshaw
Its a trade-off with limiting the course scope of course
https://simonw.substack.com/p/the-lethal-trifecta-for-ai-agents
https://www.economist.com/leaders/2025/09/25/how-to-stop-ais-lethal-trifecta