Mitigating Tool Squatting and Rug Pull Attacks in Model Context Protocol (MCP)

3 months ago 3

[Submitted on 2 Jun 2025]

View PDF HTML (experimental)

Abstract:The Model Context Protocol (MCP) plays a crucial role in extending the capabilities of Large Language Models (LLMs) by enabling integration with external tools and data sources. However, the standard MCP specification presents significant security vulnerabilities, notably Tool Poisoning and Rug Pull attacks. This paper introduces the Enhanced Tool Definition Interface (ETDI), a security extension designed to fortify MCP. ETDI incorporates cryptographic identity verification, immutable versioned tool definitions, and explicit permission management, often leveraging OAuth 2.0. We further propose extending MCP with fine-grained, policy-based access control, where tool capabilities are dynamically evaluated against explicit policies using a dedicated policy engine, considering runtime context beyond static OAuth scopes. This layered approach aims to establish a more secure, trustworthy, and controllable ecosystem for AI applications interacting with LLMs and external tools.

Submission history

From: Vineeth Sai Narajala [view email]
[v1] Mon, 2 Jun 2025 05:22:38 UTC (2,726 KB)

Read Entire Article
  1. Homepage
  2. Technology
  3. Mitigating Tool Squatting and Rug Pull Attacks in Model Context Protocol (MCP)

Related

Spiraling Housing Costs Behind Plummeting Birth Rate: Study

Spiraling Housing Costs Behind Plummeting Birth Rate: Study

8 minutes ago 0
Singapore to trial tokenised bills, bring in stablecoin laws -central bank chief

Singapore to trial tokenised bills, bring in stablecoin laws...

10 minutes ago 0
Show HN: One prompt mobile apps deployed to app store

Show HN: One prompt mobile apps deployed to app store

10 minutes ago 1
Hostinger Web Hosting