Palo Alto Networks' Unit 42 article discusses security risks associated with the Model Context Protocol (MCP) in coding applications. MCP enables large language models (LLMs) to connect with external services, but without safeguards, malicious servers can exploit it for various attacks. Key risks identified include resource theft, conversation hijacking, and covert tool invocation. The article presents proof-of-concept attacks demonstrating these vulnerabilities and emphasizes the need for effective prevention strategies. Additionally, it outlines MCP's structure and operational flow, detailing how sampling allows servers to request LLM responses. Overall, this creates potential attack vectors that necessitate robust security measures.
https://unit42.paloaltonetworks.com/model-context-protocol-attack-vectors/

