Company:
Date Published:
Author: Golan Yosef
Word count: 876
Language: English
Hacker News points: None

Summary

MCP (Model Context Protocol) is increasingly being integrated into AI and agent-based systems, but understanding its behavior and security implications is crucial, because several common misconceptions surround it. Contrary to the belief that MCP servers operate as centralized resources, they are typically installed locally, each serving a single client, while that client connects to many servers over time. These servers are executable applications with inherent code execution capabilities, so the security question is one of trust and origin verification rather than of unauthorized exploitation. Sandboxing MCP servers can limit risk, but indirect interactions between servers through a common client can still pose security challenges. This underscores the need for security strategies that address those indirect interactions and establish clear trust boundaries. An example illustrates how a malicious MCP server could manipulate a client into extracting sensitive user data, highlighting the importance of robust security models and guidelines when deploying MCP-powered environments.
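The client-side trust boundary this summary calls for, as an added example that is not code from the original article: a small Python policy that labels every tool result with the server it came from and checks cross-server data flows before each tool call, so a per-server sandbox is complemented by a check on the path that runs through the client. The server names, trust tiers and tool outputs below are constructed for the illustration.

```python
"""Client-side trust-boundary enforcement between MCP servers (added example).

Each server gets a trust tier; every tool result is labelled with the server it
came from, and the label follows the data when the model reuses it as a tool
argument. Two cross-server flows are policed here, in the client, because a
sandbox around each server never sees them:
  - data from a higher-trust server must not flow to a lower-trust server ("deny")
  - a higher-trust tool invoked with arguments derived from a lower-trust
    server's output requires explicit user confirmation ("confirm")
Server names, tiers and values are constructed for the example.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Labelled:
    """A value plus the set of servers whose output contributed to it."""
    value: str
    origins: frozenset


class TrustBoundaryClient:
    def __init__(self, server_tiers):
        # tier: higher = more trusted, e.g. 2 local/user-owned, 1 vetted, 0 unknown
        self.tiers = dict(server_tiers)

    def label_result(self, server, value):
        """Wrap a raw tool result from `server` so its origin travels with it."""
        return Labelled(value, frozenset({server}))

    def derive(self, value, *parts):
        """Label a value the model composed from earlier results (union of origins)."""
        return Labelled(value, frozenset().union(*(p.origins for p in parts)))

    def decide(self, target, args):
        """Return 'allow', 'confirm' or 'deny' for sending `args` to `target`."""
        target_tier = self.tiers[target]
        origins = frozenset().union(*(a.origins for a in args)) - {target}
        if any(self.tiers[o] > target_tier for o in origins):
            return "deny"      # user-owned data leaving towards a less trusted server
        if any(self.tiers[o] < target_tier for o in origins):
            return "confirm"   # less trusted output steering a more trusted tool
        return "allow"


def demo():
    client = TrustBoundaryClient({"filesystem": 2, "notes": 1, "web-helper": 0})
    page = client.label_result("web-helper", "constructed page text")
    read_path = client.derive("private-notes.txt", page)      # path chosen from untrusted output
    d1 = client.decide("filesystem", [read_path])             # 'confirm'
    secret = client.label_result("filesystem", "constructed file contents")
    d2 = client.decide("web-helper", [client.derive(secret.value, secret, page)])  # 'deny'
    d3 = client.decide("notes", [client.label_result("notes", "todo")])            # 'allow'
    return d1, d2, d3
```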