Comment by Too

Comment by Too 2 months ago

Remote MCP servers can do prompt injection that instruct your local agent to do something else other than only the expected tool call. https://embracethered.com/blog/posts/2025/model-context-prot...

lyu07282 2 months ago

That flaw isn't introduced by the MCP server necessarily it can already be present in the API data it returns, you will never be able to protect yourself against someone injecting a malicious prompt that calls your code eval tool to open up a reverse shell on your MacBook Pro.

Reply View 2 replies

owebmaster 2 months ago

that's not the case, MCP has a feature, samplings, that allow MCP servers to run prompts using the client model.

Reply View | 1 reply
- lyu07282 2 months ago
  
  Oh boy, you know at least the infosec people are going to get a good laugh from this clown show
  
  Reply View | 0 replies