Safeguard
Tag

tool-poisoning

Safeguard articles tagged "tool-poisoning" — guides, analysis, and best practices for software supply chain and application security.

16 articles

AI Security

MCP server security for AI coding agents

A critical RCE in Anthropic's own MCP Inspector (CVSS 9.4) and two Cursor CVEs show that giving AI agents tool access creates a new, largely unvetted attack surface.

Jul 9, 20267 min read
AI Security

Securing Model Context Protocol (MCP) servers

MCP server security explained through real 2025 CVEs, tool poisoning, and rug-pull attacks, plus concrete controls security teams need to defend AI agent tool calls.

Jun 14, 20267 min read
AI Security

mcp-scan: detecting malicious MCP tool definitions

MCP lets AI agents call tools via plain-text descriptions the model trusts blindly. Here's how mcp-scan catches poisoning, rug-pulls, and shadowing.

Jun 13, 20266 min read
AI Security

Securing MCP server registries: risks of unvetted AI tool...

Unvetted MCP servers already power tool poisoning and rug-pull attacks. Here's why package scanning like JFrog's isn't enough, and how to actually secure your MCP registry.

May 30, 20268 min read
AI Security

MCP tool poisoning: hidden instructions and rug-pulled tool definitions

Tool-poisoning attacks against Model Context Protocol servers hide adversarial instructions inside tool descriptions and silently mutate tool definitions after install. Here is how the attack works and how to defend against it.

May 12, 20268 min read
AI Security

Security scanning for MCP servers and AI agent tool use

MCP servers give AI agents direct tool access, but most ship unvetted. Here's how security scanning catches tool poisoning and rug-pull attacks.

May 7, 20267 min read
Supply Chain Attacks

When the Vulnerability Is the Design: MCP STDIO Command Injection Across 150M Downloads (May 2026)

OX Security documented command injection through the MCP STDIO transport across Python, TypeScript, Java, and Rust SDKs. Anthropic calls the behavior by-design and won't patch upstream. That leaves the fix to thousands of downstream projects.

May 6, 202611 min read
AI Security

Securing MCP Servers: A Practical Checklist

MCP servers are runtime dependencies your agent trusts implicitly. Here is a concrete checklist for auth, tool pinning, sandboxing, and monitoring before you ship one.

Mar 22, 20266 min read
AI Security

Claude MCP Tool Poisoning Threat Model 2026

A senior engineer's threat model for Claude MCP tool poisoning in 2026, covering malicious servers, description hijacking, and the authorization patterns that actually help.

Mar 21, 20267 min read
AI Security

MCP Server Capability Declaration Audit

An MCP server tells the world what it can do through its capability declaration. Auditing those declarations catches drift, tool poisoning, and misconfiguration before an agent gets talked into using the wrong one.

Jan 28, 20267 min read
AI Security

How tool poisoning attacks compromise MCP tool descriptions

A single poisoned tool description can turn a trusted MCP server into a silent data-exfiltration channel. Here's how these attacks work — and how to stop them.

Dec 18, 20257 min read
AI Security

Risks of MCP server rug-pulls and silently changing tool ...

An MCP rug pull attack swaps a trusted server's tool definitions after approval. Here's how tool definition drift happens, and how Safeguard catches it early.

Dec 17, 20257 min read
tool-poisoning — Safeguard Blog