MCP and Agent Protocol Security
Synthesis
MCP and related agent protocols introduce a new protocol layer for tool discovery and authority propagation, and with it new security concerns around server trust and malicious tool descriptions.
Evidence Base
This page was generated from the batch ingest of SRC-20260702-raw-papers-batch, SRC-20260702-raw-whitepapers-batch, and SRC-20260702-raw-news-batch. Treat it as a navigation and synthesis page; promote individual statements into claim pages when they become decision-relevant.
Representative Sources
| Title | Kind | Date | Tags | Raw |
|---|---|---|---|---|
| MCP Auto-Execution: From Git Clone to Cloud Compromise in Amazon Q VS Code Extension | industry_blog | 2026-06-26 | amazon-q, coding-agent, credential-theft, cve-2026-12957, mcp, workspace-trust | raw |
| "What Happens Locally, Leaks Globally": Detecting Privacy Leakage Risks in MCP Servers | paper | 2026-06-19 | agent-security, ai-security, mcp, privacy-leakage, static-analysis, tool-security | raw |
| AWS Security Agent adds threat modeling, Kiro power and Claude Code plugin, and more | official_blog | 2026-06-17 | ai-for-security, code-review, coding-agents, mcp, security-agent, stride | raw |
| Game-Theoretic Multi-Agent Control for Robust Contextual Reasoning in LLMs | paper | 2026-06-12 | ai-security, context-poisoning, mcp, multi-agent-control, prompt-injection, rollback | raw |
| Model Context Protocol (MCP): Security Design Considerations for AI-Driven Automation | government_guidance | 2026-05-20 | NSA Artificial Intelligence Security Center, agent-security, automation, government-guidance, mcp-security, security-for-ai | raw |
| Model Context Protocol Threat Modeling and Analyzing Vulnerabilities to Prompt Injection with Tool P | paper | 2026-03-23 | Amin Milani Fard, Charoes Huang, Ngoc Phu Tran, Xin Huang, mcp-security, security-for-ai | raw |
| Security Requirements for AI Agents | standards_draft | 2026-02-28 | a2a, access-control, agent-identity, multi-agent, security-for-ai, standards-draft | raw |
| Security Threat Modeling for Emerging AI-Agent Protocols | paper | 2026-02 | agent-protocols, mcp-security, multi-agent, security-for-ai, threat-modeling | raw |
| OWASP Top 10 for MCP | standard | 2026 | OWASP, agent-security, mcp-security, owasp, security-for-ai, taxonomy | raw |
| Securing AI Agent Execution | paper | 2025-10-24 | Christoph Bühler, Guido Salvaneschi, Luca Di Grazia, Matteo Biagiola, access-control, agent-security | raw |
| MCPTox: A Benchmark for Tool Poisoning Attack on Real-World MCP Servers | paper | 2025-08-19 | Guanquan Shi, Haifeng Sun, Haohua Du, Haoran Cheng, Suyuan Liu, Xiangyang Li | raw |
| Systematic Analysis of MCP Security | paper | 2025-08-18 | Peng Di, Puzhuo Liu, Sheng Wen, Wanlun Ma, Xi Xiao, Xiaogang Zhu | raw |
Open Questions
- Which evidence in this cluster is strong enough to support a stable claim?
- Which results generalize across models, tools, and deployment settings?
- Which controls have been evaluated under realistic adversarial conditions?