MCP Server Security: 10 Protocol-Level Attack Scenarios Behind the “Install and Run” Speed
ID: 16dcbf44-3f2d-5b78-a3a9-e6ea2a3609c4
STIX ID: report--16dcbf44-3f2d-5b78-a3a9-e6ea2a3609c4
Feed Name: Brandefense Blog
**Executive summary:** This report evaluates the security risks introduced by adopting MCP (Model Context Protocol) servers, detailing ten protocol-level attack patterns (schema/tool poisoning, behavior drift, credential harvesting, exfiltration chains, etc.), citing specific CVEs and a malicious npm package supply-chain incident, and recommending a practical baseline of provenance checks, sandboxing/isolation, least-privilege tokens, drift detection, and continuous monitoring to reduce exposure.
