MCP Tool Supply Chain Poisoning - ATR-2026-00095 (112531a2-fbdf-553e-8bcf-8f76d8fa3881)
Detects tool poisoning attacks targeting the MCP (Model Context Protocol) skill/tool supply chain. Attackers inject malicious payloads into tool descriptions, return values, or schemas that are consumed by agents, causing unintended code execution, data exfiltration, or privilege escalation when the poisoned tool is invoked.
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| LLM Plugin Compromise (adbb0dd5-ff66-4b2f-869f-bfb3fdb45fc8) | MITRE ATLAS Attack Pattern | MCP Tool Supply Chain Poisoning - ATR-2026-00095 (112531a2-fbdf-553e-8bcf-8f76d8fa3881) | Agent Threat Rules | 1 |