MCP Security TTPs Matrix
Interactive matrix showing all MCP security techniques
Prompt Injection (7 techniques)
  Direct Prompt Injection
  Indirect Prompt Injection
  Tool Description Poisoning
  Context Shadowing
  Prompt-State Manipulation
  ANSI Escape Injection
  Hidden Instructions

Tool Poisoning (8 techniques)
  Tool Poisoning
  Tool Impersonation
  Metadata Manipulation
  Tool Shadowing
  Tool Squatting
  Tool Mutation
  Tool Name Conflict
  Preference Manipulation

Data Exfiltration (6 techniques)
  Data Exfiltration
  Credential Exfiltration
  API Key Exposure
  Token Theft
  Conversation History Exfiltration
  Sensitive Information Disclosure

Command Injection (7 techniques)
  Command Injection
  Code Injection
  OS Command Injection
  SQL Injection
  Shell Command Execution
  Output Prompt Injection
  Malicious Output Composition

Authentication (8 techniques)
  Broken Authentication
  Auth Bypass via Rogue Server
  Authorization Bypass
  Privilege Escalation
  Identity Subversion
  Session Management Issues
  Unauthenticated Access
  Audit Bypass

Supply Chain (7 techniques)
  Supply Chain Attacks
  Malicious MCP Packages
  Dependency Vulnerabilities
  Typosquatting
  Installer Spoofing
  Malicious Dependency Inclusion
  Drift from Upstream
Quick Navigation:
  Traditional TTP View - Category-based navigation
  Complete TTP Index - Full documentation and guides