1. Critical Prompt Injection Gap Found in MCP Tool Execution Pipeline: Untrusted Data Flows Directly to LLM
A newly documented vulnerability in the Model Context Protocol (MCP) tool execution pipeline allows untrusted tool results to enter LLM conversations without sanitization, injection warnings, or structural boundary markers. The issue, filed as a GitHub security concern, details how the `MCPManager.CallTool()` method jo...