Persona Hijacking via Mandatory System Prompt Override - ATR-2026-00104 (f5cf359b-d3b9-5541-a638-98f2ac621603)
Detects MCP tools that attempt to override system prompts or behavioral guidelines by instructing the AI to "adopt" a persona and "replace" existing instructions. This is a prompt injection attack delivered through tool descriptions rather than user input, exploiting the trust relationship between the LLM and its tools to fundamentally alter the agent's behavior and identity.