MCP Exploitation | Tier 1 | medium
MCP Exploitation: Tool Discovery
Attacks targeting Model Context Protocol integrations
Model Context Protocol (MCP) enables agents to interact with external tools and services. Each MCP connection is a potential attack surface that must be secured.
Attack Details
- Attack ID: APWN-MCP-001
- HMA Check: MCP-001
- Delivery Methods: html-comment
- CWE: CWE-200
- OASB Control: 7.1
- Severity: medium
Remediation
If your AI agent is vulnerable to this attack, scan and fix with:
npx hackmyagent secure --check MCP-001