Overview
- Security analysts have defined five major risks in the MCP ecosystem: credential leakage, unverified third-party servers, prompt injections, compromised servers and malicious code execution.
- Credential leakage remains a top concern as MCP clients often store API keys in local configuration files vulnerable to unauthorized access.
- Thousands of community-hosted MCP servers lack verification or maintenance, exposing enterprises to rogue servers set up for token harvesting or malware distribution.
- Prompt injection and compromised-server attacks can embed hidden instructions or arbitrary code that cause AI models to perform unauthorized actions.
- Enterprises are increasingly deploying OAuth authentication, isolating MCP servers in containers and relying on trusted vendor lists to strengthen protocol security.
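As an added example (not code from the original page or any MCP client), a small Python audit for the credential-leakage risk listed above: it assumes the common `mcpServers` JSON layout with per-server `env` and `args` entries, uses a constructed sample config with a fake token, and flags plaintext credentials as well as config files readable by other users.

```python
import json
import os
import re
import stat

# Heuristics for credential-like material inside an MCP server definition
# (assumption: config follows the {"mcpServers": {...}} layout used by desktop clients).
SECRET_KEY_RE = re.compile(r"(key|token|secret|password|passwd|credential)", re.IGNORECASE)
SECRET_VALUE_RE = re.compile(r"^(sk-|ghp_|xox[bp]-|AKIA)[A-Za-z0-9_\-]{8,}$")

def audit_mcp_config(config_text, file_mode=None):
    """Return a list of findings for an MCP client config given as JSON text.

    file_mode: optional st_mode of the config file; when given, group/other
    readability is reported as a finding.
    """
    findings = []
    if file_mode is not None and file_mode & (stat.S_IRGRP | stat.S_IROTH):
        findings.append("config file readable by group/other; restrict to owner (chmod 600)")
    servers = json.loads(config_text).get("mcpServers", {})
    for name, spec in servers.items():
        for var, value in (spec.get("env") or {}).items():
            if not isinstance(value, str) or not value:
                continue
            if SECRET_KEY_RE.search(var) or SECRET_VALUE_RE.match(value):
                findings.append(f"server '{name}': env var {var} holds a plaintext credential; "
                                "move it to a secret store or OS keychain")
        # Secrets passed as command-line arguments also show up in process listings.
        for arg in spec.get("args") or []:
            if isinstance(arg, str) and SECRET_VALUE_RE.match(arg):
                findings.append(f"server '{name}': credential passed on the command line "
                                f"({arg[:6]}...); visible in process lists")
    return findings

def audit_mcp_config_file(path):
    """Audit a config file on disk, including its permission bits."""
    with open(path) as fh:
        text = fh.read()
    return audit_mcp_config(text, os.stat(path).st_mode)

# Constructed sample config; the package name and token are placeholders, not real values.
SAMPLE_CONFIG = json.dumps({"mcpServers": {
    "github": {"command": "npx", "args": ["-y", "@example/mcp-github"],
               "env": {"GITHUB_TOKEN": "ghp_EXAMPLE0000000000000000"}},
    "files": {"command": "mcp-files", "args": ["--root", "/srv/docs"]},
}})

if __name__ == "__main__":
    for finding in audit_mcp_config(SAMPLE_CONFIG, file_mode=0o100644):
        print(finding)
```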