MCP Attack Surface

Red-team Model Context Protocol (MCP) integrations. Learn the conceptual attack surface (server impersonation, tool-description injection, resource-content prompt injection, exfiltration through tool calls, supply-chain risk in third-party servers), the eval methodology, the defensive review pattern for new MCP servers (capability listing, schema review, content sanitation, audit logging), and the link to authorisation models.

Start Topic → View All Lessons
6
Lessons
📋
Templates
Practitioner-Ready
100%
Free

Lessons in This Topic

Work through these 6 lessons in order, or jump to whichever is most relevant.

🔗

MCP Attack Surface Overview

Advanced
🔗

Server Impersonation

Advanced
🔗

Tool-Description & Resource Injection

Advanced
🔗

Supply-Chain Risk

Advanced
🔗

Eval Methodology

Advanced
🔗

Defensive Server Review

Advanced