Model Context Protocol (MCP)

**Model Context Protocol (MCP) security assessment:** This document explains MCP (an Anthropic-designed protocol for LLMs to call external tools), outlines multiple attack scenarios—including credential/account theft, stored prompt injection/tool poisoning, overprivileged tools, lack of logging, and DoS/billing abuse—and provides mitigation guidance (input validation, least privilege, secrets management, logging, rate limiting) and mentions community security tools and an authorization RFC to reduce risk.