This page collects WhisperX intelligence signals tagged #MCP Protocol. It is designed for humans, search engines, and AI agents: each item links to a canonical source-backed record with sector, source, timestamp, credibility, and exportable structured data.
A critical security gap has been identified in the `mcp probe` tool's verification process, exposing AI agents to direct prompt injection attacks. Currently, when the probe successfully retrieves a `tools/list` response from an MCP server, it only flags authentication-bypass issues and discards the actual response payl...
A significant security gap has been identified in the `mcp probe` tool. The current verification process for MCP (Model Context Protocol) endpoints performs no analysis of Cross-Origin Resource Sharing (CORS) policies, leaving a critical vulnerability unaddressed. This omission is explicitly noted in the project's TODO...
The WAST security tool is set to implement a new `wast mcpscan` command, explicitly targeting the emerging and largely unaudited attack surface of Model Context Protocol (MCP) servers. These servers, which expose tools to AI agents via JSON-RPC 2.0 over stdio, SSE, and HTTP, represent a critical new frontier for securi...