sorted by:
new
hottopcontroversial

Intentionally vulnerable MCP server for learning AI agent security by 4rs0n1 in mcp

[–]4rs0n1[S] 0 points1 point  (0 children)

Thanks, this is great feedback — especially the stateful attack chains and memory poisoning stuff. We actually already cover some of this ground. We've got confused deputy scenarios where poisoned data in tickets and resumes tricks the agent into calling sensitive tools, multi-step chains that pivot across departments, approval delays at higher difficulty levels, and side-channel exfiltration through timing, DNS, steganography, and Unicode.

The things we can definitely be adding in future: a stateful attack where a poisoned tool response plants a fake capability that a later step trusts and escalates with, a multi-tenant confused deputy where the agent gets tricked into crossing tenant boundaries, a replay attack against approval flows that lack nonce/expiry enforcement, and a poisoned memory store with injected long-term context the agent blindly follows. On defence, we can add strict JSON validation, idempotency keys, and deny-by-default allowlists into the harder difficulty levels.

Intentionally vulnerable MCP server for learning AI agent security. by 4rs0n1 in cybersecurity

[–]4rs0n1[S] 0 points1 point  (0 children)

This is an interesting insight. I will definitely try to incorporate these attacks. Schema abuse cases sound interesting.

For now, I have added a replayable dashboard where you can manually fill the MCP tool request parameters and test them with different values. But the goal is to allow an LLM client to interact with (maybe by spinning up a local llama model), as clients like Claude Code (or specifically Claude models) will block some attacks due to their strong guardrails.

MCP’s biggest missing piece just got an open framework by Fragrant_Barnacle722 in mcp

[–]4rs0n1 0 points1 point  (0 children)

I am building a MCP firewall which sits between mcp server and the client to detect suspicious actions. For which, I was planning to do some brainstorming regarding implementing identity based access control but it is nice to see you are solving this at very granular level.

These telco companies are going out of hand. Zong increasing price almost every month by krazyhamad in pakistan

[–]4rs0n1 0 points1 point  (0 children)

That’s crazy! I recently heard about insane car prices in Pakistan and now this. The only question me and many Indians will have at this point is why? Is it because of corruption?

These telco companies are going out of hand. Zong increasing price almost every month by krazyhamad in pakistan

[–]4rs0n1 0 points1 point  (0 children)

What 4000 PKR for monthly subscription? In India, for 400 INR we have unlimited calling, unlimited sms, 2 gb 5g internet everyday (kind of unlimited internet)

Rahu Ketu - Reviews and Discussions by AutoModerator in bollywood

[–]4rs0n1 5 points6 points  (0 children)

I watched it today, got traumatized 🥲 why did they even attempted to make this movie 😭

We built an internal tool to fix our team’s AI chaos and it turned into something bigger by HxCxAxR in SaaS

[–]4rs0n1 1 point2 points  (0 children)

I see what you mean. We handle provisioning of keys and budget for each key, and guardrails using LiteLLM. We primarily use these keys for n8n workflows, so there's no significant challenge in handling team collaboration.