March 2026 Summaries
3 posts from Lunar.dev
Filter
Month:
Year:
Post Summaries
Back to Blog
Hosted MCP Servers, a feature within MCPX Enterprise developed by Lunar.dev, streamlines the deployment of custom MCP servers by eliminating the infrastructure bottlenecks that typically slow down the process. This capability allows teams to deploy servers using a JSON configuration into a managed cluster, without the need for DevOps involvement or exposing credentials. The offering includes built-in governance features like automated risk analysis, permissions, and audit logs, transforming the deployment process from infrastructure-driven to policy-driven self-service. By leveraging existing secrets management systems and providing runtime control, it ensures that developers can deploy servers quickly and securely, while organizational and security requirements are met without manual intervention. This model addresses the limitations of public MCP ecosystems, which often do not cover internal or proprietary systems, offering a comprehensive platform for enterprise adoption of MCP servers.
Mar 26, 2026
1,759 words in the original blog post.
The LiteLLM attack highlighted significant vulnerabilities in AI gateways, specifically the risks associated with centralized, plain-text credential storage, as demonstrated by a breach involving the malicious alteration of package versions on PyPI by a group linked to LAPSUS$. This breach led to widespread credential theft, including cloud provider keys, API tokens, and more, due to LiteLLM's design of concentrating credentials into a single process without an isolation layer. In contrast, the MCPX AI Security Architecture offers a robust alternative by using references instead of plain-text secrets, filtering and labeling data to prevent exposure, managing secrets exclusively at the admin level, and enabling instant, centralized key rotation, all of which contain the damage potential and streamline credential management. As the threat landscape evolves, adopting such architectures is crucial for AI infrastructure security, ensuring that teams can scale operations confidently while minimizing the risk of future breaches.
Mar 26, 2026
1,035 words in the original blog post.
Lunar's Intent-Based Dynamic Tool Selection addresses the context management problem by enabling agents to load only the tools needed for a specific task at runtime, significantly reducing token consumption and enhancing both accuracy and security. This approach, rooted in Anthropic's Advanced Tool Use framework, allows for scalable management of large tool libraries without breaching context window limits, thus making them viable for production use. The dynamic selection method solves issues related to context efficiency, security posture, and orchestration strategy by providing deterministic tool access, reducing the attack surface, and enabling a full audit trail. Lunar.dev productizes this concept with features like Tool Groups, policy gating, and auto-refresh behavior, ensuring that agents only interact with necessary tools while maintaining a governed runtime environment. This evolution in tool discovery and selection not only improves decision-making accuracy by minimizing tool space interference but also enhances orchestration discipline by facilitating deterministic workflows.
Mar 18, 2026
1,498 words in the original blog post.