Google Repo for all things MCP at Google
github.com> Run an MCP server in Google Cloud
> Deploy to Google Kubernetes Engine (GKE)
It can take only one developer on your team to install a malicious NPM package to summon Shai-Hulud once again and then steal your credentials and breach your MCP server.
After that what else could possibly go wrong?