Comment by Too
Remote MCP servers can do prompt injection that instructs your local agent to do something other than the expected tool call. https://embracethered.com/blog/posts/2025/model-context-prot...
That flaw isn't necessarily introduced by the MCP server; it can already be present in the API data it returns. You will never be able to protect yourself against someone injecting a malicious prompt that calls your code eval tool to open up a reverse shell on your MacBook Pro.
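One mitigation for the situation the comment describes is a policy layer on the agent side that treats every remote tool result as untrusted data and refuses to let a privileged tool (code eval, shell) run on the strength of that data alone. The following is an added illustration, not code from the commenter or from any MCP implementation; the tool names, the session structure and the instruction-like patterns are assumptions chosen for the example.

```python
import re
from dataclasses import dataclass, field

# Assumed names of tools whose invocation can execute arbitrary code.
PRIVILEGED_TOOLS = {"code_eval", "shell"}

# Heuristic signs that a tool result contains instructions aimed at the
# model rather than data for the user. Detection only; never a sole control.
INSTRUCTION_PATTERNS = [
    r"\bignore (all |any |the )?(previous|prior|above) instructions\b",
    r"\b(call|run|execute|invoke) (the )?(code_eval|shell|eval)\b",
    r"\bsystem prompt\b",
]


@dataclass
class Session:
    # True once any remote tool output entered the context after the last
    # user turn: the model's next tool call may be steered by that output.
    tainted: bool = False
    flagged: list = field(default_factory=list)


def on_user_message(session: Session) -> None:
    """A fresh user turn resets the taint; instructions from the user are trusted."""
    session.tainted = False


def on_tool_result(session: Session, tool: str, text: str, remote: bool) -> str:
    """Record a tool result, flag instruction-like content, and wrap it as data."""
    if remote:
        session.tainted = True
    for pattern in INSTRUCTION_PATTERNS:
        if re.search(pattern, text, re.IGNORECASE):
            session.flagged.append((tool, pattern))
    # Delimiting the result tells the model (and a reviewer) it is untrusted data.
    return f"<untrusted_tool_result source={tool}>\n{text}\n</untrusted_tool_result>"


def decide(session: Session, tool: str, approved: bool = False) -> str:
    """Gate a requested tool call: privileged tools in a tainted turn need a human."""
    if tool not in PRIVILEGED_TOOLS:
        return "allow"
    if session.tainted and not approved:
        return "require_approval"
    return "allow"
```

The gate is deliberately independent of the pattern matcher: even a result that trips no pattern still taints the turn, so a well-disguised injection cannot reach the eval tool without a human in the loop.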