Capture Notes
The paper introduces MCPPrivacyDetector, a context-aware static analysis framework for privacy leakage risks in MCP servers.
AI security relevance:
- Frames MCP leakage as protocol-induced: sensitive values may cross the local/LLM boundary through tool returns, logs, or exceptions even without explicit outbound network exfiltration.
- Reports analysis over 10,655 real-world MCP servers and leakage rates above 10%.
- Important for MCP server vetting, tool handler taint analysis, and agent privacy boundaries.
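A sketch of what tool handler taint analysis can look like during server vetting, added here as an illustration; it is not the paper's MCPPrivacyDetector or its algorithm. It assumes `os.environ`/`os.getenv` reads are the sensitive sources, that handlers carry a `.tool` decorator, and that the listed logging call names are the log sinks; `find_leaks` and the sample handler are hypothetical names.

```python
import ast
LOG_CALLS = {"print", "debug", "info", "warning", "error", "exception"}

def _name(node):
    """Trailing identifier of a call or decorator: logger.info(...) -> 'info'."""
    node = node.func if isinstance(node, ast.Call) else node
    return getattr(node, "attr", getattr(node, "id", None))

def _uses(expr, tainted):
    """True if expr reads os.environ/os.getenv (assumed sources) or a tainted name."""
    return any(
        (isinstance(n, ast.Attribute) and n.attr in ("environ", "getenv"))
        or (isinstance(n, ast.Name) and n.id in tainted)
        for n in ast.walk(expr))

def find_leaks(source):
    """Sorted (handler, line, channel) where tainted data can reach the model side."""
    findings = set()
    for fn in ast.walk(ast.parse(source)):
        is_fn = isinstance(fn, (ast.FunctionDef, ast.AsyncFunctionDef))
        if not (is_fn and any(_name(d) == "tool" for d in fn.decorator_list)):
            continue  # assumption: handlers carry a .tool / .tool() decorator
        tainted, size = set(), -1
        while size != len(tainted):  # flow-insensitive fixed point over assignments
            size = len(tainted)
            for a in ast.walk(fn):
                if isinstance(a, ast.Assign) and _uses(a.value, tainted):
                    tainted |= {t.id for t in a.targets if isinstance(t, ast.Name)}
        for n in ast.walk(fn):
            if isinstance(n, ast.Return) and n.value and _uses(n.value, tainted):
                findings.add((fn.name, n.lineno, "return"))
            elif isinstance(n, ast.Raise) and n.exc and _uses(n.exc, tainted):
                findings.add((fn.name, n.lineno, "exception"))
            elif (isinstance(n, ast.Call) and _name(n) in LOG_CALLS
                  and any(_uses(arg, tainted) for arg in n.args)):
                findings.add((fn.name, n.lineno, "log"))
    return sorted(findings)

# Constructed sample handler source (parsed only, never executed).
SAMPLE = '''
@mcp.tool()
def get_weather(city):
    key = os.environ["WEATHER_API_KEY"]
    url = f"https://api.example.invalid/w?q={city}&key={key}"
    logger.info("calling %s", url)
    if not city:
        raise ValueError(f"bad request: {url}")
    return {"city": city, "debug_url": url}
'''
```

The sample handler makes no outbound call with the key, yet the check flags all three channels named above: the log line, the exception message, and the tool return.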
Suggested ingest focus:
- Evidence for MCP as a local-to-global data boundary.
- Add to MCP security, agent tool security, and non-human identity/credential exposure topics.