AI Security Research Portal

MCP and Agent Protocol Security

Synthesis

MCP and related agent protocols add a protocol layer between the model and its tools: tool discovery, propagation of the caller's authority to tool servers, and trust decisions about those servers. That layer is also a new attack surface. Tool descriptions and parameter schemas are model-facing text, so a malicious or compromised server can poison them with hidden instructions (tool poisoning, prompt injection through tool metadata), and clients that auto-execute MCP server configuration found in a workspace can turn a git clone into credential theft. The sources below cover threat models, benchmarks, government and OWASP guidance, and incidents on this layer.

Evidence Base

This page was generated from the batch ingest of SRC-20260702-raw-papers-batch, SRC-20260702-raw-whitepapers-batch, and SRC-20260702-raw-news-batch. Treat it as a navigation and synthesis page; promote individual statements into claim pages when they become decision-relevant.

Representative Sources

Title | Kind | Date | Tags / authors
--- | --- | --- | ---
MCP Auto-Execution: From Git Clone to Cloud Compromise in Amazon Q VS Code Extension | industry_blog | 2026-06-26 | amazon-q, coding-agent, credential-theft, cve-2026-12957, mcp, workspace-trust
"What Happens Locally, Leaks Globally": Detecting Privacy Leakage Risks in MCP Servers | paper | 2026-06-19 | agent-security, ai-security, mcp, privacy-leakage, static-analysis, tool-security
AWS Security Agent adds threat modeling, Kiro power and Claude Code plugin, and more | official_blog | 2026-06-17 | ai-for-security, code-review, coding-agents, mcp, security-agent, stride
Game-Theoretic Multi-Agent Control for Robust Contextual Reasoning in LLMs | paper | 2026-06-12 | ai-security, context-poisoning, mcp, multi-agent-control, prompt-injection, rollback
Model Context Protocol (MCP): Security Design Considerations for AI-Driven Automation | government_guidance | 2026-05-20 | NSA Artificial Intelligence Security Center, agent-security, automation, government-guidance, mcp-security, security-for-ai
Model Context Protocol Threat Modeling and Analyzing Vulnerabilities to Prompt Injection with Tool P | paper | 2026-03-23 | Amin Milani Fard, Charoes Huang, Ngoc Phu Tran, Xin Huang, mcp-security, security-for-ai
Security Requirements for AI Agents | standards_draft | 2026-02-28 | a2a, access-control, agent-identity, multi-agent, security-for-ai, standards-draft
Security Threat Modeling for Emerging AI-Agent Protocols | paper | 2026-02 | agent-protocols, mcp-security, multi-agent, security-for-ai, threat-modeling
OWASP Top 10 for MCP | standard | 2026 | OWASP, agent-security, mcp-security, owasp, security-for-ai, taxonomy
Securing AI Agent Execution | paper | 2025-10-24 | Christoph Bühler, Guido Salvaneschi, Luca Di Grazia, Matteo Biagiola, access-control, agent-security
MCPTox: A Benchmark for Tool Poisoning Attack on Real-World MCP Servers | paper | 2025-08-19 | Guanquan Shi, Haifeng Sun, Haohua Du, Haoran Cheng, Suyuan Liu, Xiangyang Li
Systematic Analysis of MCP Security | paper | 2025-08-18 | Peng Di, Puzhuo Liu, Sheng Wen, Wanlun Ma, Xi Xiao, Xiaogang Zhu

Open Questions

Related