Awesome MCP Security
by AIM-Intelligence
A curated list of awesome resources, papers, and tools focused on Model Context Protocol (MCP) security. It aims to provide a comprehensive collection for researchers and practitioners in the field.
A curation of awesome resources, papers, and tools focused on Model Context Protocol (MCP) security.
Contributions are always welcome. Please read the Contribution Guidelines before contributing.
Papers
- "Model Context Protocol (MCP): Landscape, Security Threats, and Future Research Directions", 2025-03, paper
- "MCP Safety Audit: LLMs with the Model Context Protocol Allow Major Security Exploits", 2025-04, paper
Security Vulnerabilities
Authentication and Authorization
- OAuth Token Theft: MCP servers store authentication tokens for various services, creating a high-value target for attackers (Pillar Security)
- Permission Boundary Problems: Unclear boundaries between services connected through MCP (Block InfoSec)
Prompt Injection
- Tool Description Manipulation: Hidden instructions in tool descriptions can cause AI models to perform unauthorized actions (Pillar Security)
- Indirect Prompt Injection: Malicious content embedded in documents the model processes that triggers MCP actions (Pillar Security)
Supply Chain
- Installer Risks: MCP server installers without proper validation can introduce security risks (arxiv:2503.23278)
- Tool Name Conflicts: Naming collisions in MCP tools can lead to confusion and security issues (arxiv:2503.23278)
Tools
- MCP Specification - Official MCP specification with security recommendations
- Glama.ai MCP Server Directory - Security-aware directory of MCP servers with security scoring
Articles and Blog Posts
- The Security Risks of Model Context Protocol (MCP) - Analysis of OAuth token theft and prompt injection risks
- Securing the Model Context Protocol - Best practices for MCP security by Block's InfoSec team
- How to Determine If An MCP Server Is Safe - Guidelines for evaluating MCP server security
- AI Model Context Protocol (MCP) and Security - Comprehensive guide by Omar Santos covering MCP security architecture, authentication best practices, data security, and tool exposure security considerations
- AI agent identity: it's just OAuth - Discussion of authentication for AI agents, including where OAuth falls short for MCP-based AI agents.
- Model Context Protocol has prompt injection security problems - As more people start hacking around with implementations of MCP (the Model Context Protocol, a new standard for making tools available to LLM-powered systems), the security implications of tools built on that protocol are starting to come into focus.
Other Awesome Projects
- Awesome LLM Security - A curated list focused on LLM security more broadly
- Model Context Protocol - Official MCP GitHub organization with specification and reference implementations
Other Useful Resources
- tl;dr sec #272 - Newsletter discussing AI Model Context Protocol Security
- tl;dr sec #273 - Newsletter covering MCP security tools and threats