MCP Threat Modeling and Tool Poisoning
Capture Summary
The paper threat-models MCP implementations using STRIDE and DREAD across the MCP host/client, the LLM, the MCP server, external data stores, and the authorization server. Its empirical evaluation focuses on tool poisoning across major MCP clients.
Relevance
- Useful for converting MCP risks into structured threat models.
- Supports research on client-side validation, model decision path tracking, anomaly detection, and user transparency.
Collection Notes
Collected as a current MCP threat-modeling source.