MCP Security I — Tool Poisoning, Rug Pulls, Cross-Server Shadowing

Tool descriptions land in the model's context verbatim. Malicious servers embed hidden instructions that users never see. Research in 2025-2026 from Invariant Labs, Unit 42, and an arXiv study published March 2026 measured attack-success r...