Model Context Protocol has prompt injection security problems

As more people start hacking around with implementations of MCP (the Model Context Protocol, a new standard for making tools available to LLM-powered systems) the security implications of tools built on that protocol are starting to come into focus.

Rug pulls and tool shadowing

Tool poisoning prompt injection attacks

Exfiltrating your WhatsApp message history from whatsapp-mcp

Mixing tools with untrusted instructions is inherently dangerous

I don’t know what to suggest

Simon Willison’s Weblog

Model Context Protocol has prompt injection security problems

As more people start hacking around with implementations of MCP (the Model Context Protocol, a new standard for making tools available to LLM-powered systems) the security implications of tools built …

April 9, 2025linkby Simon Willisonvia Simon Willison’s Weblog

0 Replies0 Boosts0 Likes

Comments

No comments yet.