POOL/REQUEST: Prohibit advertising for third-party components that have not been tested first, or recommended, by MikroTik staff

While people should always be cautious, it seems odd that shortly after this poll, a new topic was posted by an account that hasn't been here for over 6 years, pointing to a "tool" on github but without any source code.

In the 3rd party tools category with title MikrotikTool — Manage RouterOS from Claude AI (MCP Server + Web Dashboard)

And the following instructions:

Quick start:

  1. Create an MCP-User account on your router: /user add name=MCP-User password=YOUR_PASSWORD group=full
  2. Download the binary for your platform from the github (link removed)
  3. Point your MCP client at the binary
  4. Start chatting with your router

If that isn't scary to you, you must be much less paranoid than I am.

I think that if AI is so intelligent, it can find login and password by itself. :wink:

However I find far more preoccupying the:

Example conversation:
▎ "Connect to my router at 192.168.88.1, run a security audit, and show me the dashboard"

Besides giving away login and password, many people will be inclined to believe that - since it has passed the security audit - their router is safe[1].

I still have a few of the cedar sticks (7' 1/2 long, 10' were too heavy, 5' too d@mn short) I used in the good ol' times to NOT touch Vista, they may become useful again.

[1] maybe it is but - judging from the (very poor) configurations suggested by the various AI tools and posted on the forum, they will likely have half or 1/3 of the functionality ...

I voted yes, but I believe, like ferferg, that such untested components should be addressed in a separate section to avoid rejecting new products and innovations.