Awesome MCP Security

Okay, here's a translation of "Security Threats related with MCP (Model Context Protocol), MCP Servers and more" into Chinese, along with some expanded explanations of the potential security threats to help you understand the context better:

**Translation (中文):** 与 MCP (模型上下文协议)、MCP 服务器及相关内容相关的安全威胁

**Explanation of Potential Security Threats (to help with understanding and context):** To fully understand the security threats, it's important to consider what MCP is and how it's used. Since "Model Context Protocol" isn't a widely known or standardized term, I'll assume it refers to a protocol used to share context or data related to machine learning models. Based on that assumption, here are some potential security threats:

  • **Data Poisoning** (数据投毒, Shùjù tóudú): If an attacker can inject malicious data into the MCP server or the data used to train or evaluate the models, they can corrupt the models' behavior. This could lead to the model making incorrect predictions or decisions, potentially causing harm.
  • **Model Inversion Attacks** (模型反演攻击, Móxíng fǎnyǎn gōngjí): An attacker might try to reconstruct sensitive training data by querying the model through the MCP server. If the model reveals too much information about the training data, it could compromise privacy.
  • **Model Extraction Attacks** (模型提取攻击, Móxíng tíqǔ gōngjí): An attacker could try to create a copy of the model by observing its behavior through the MCP server. This is especially concerning if the model is proprietary or contains valuable intellectual property.
  • **Denial of Service (DoS) Attacks** (拒绝服务攻击, Jùjué fúwù gōngjí): An attacker could flood the MCP server with requests, making it unavailable to legitimate users.
  • **Unauthorized Access** (未授权访问, Wèi shòuquán fǎngwèn): If the MCP server is not properly secured, unauthorized users could gain access to sensitive data or models. This could involve exploiting vulnerabilities in the server software or using stolen credentials.
  • **Man-in-the-Middle (MitM) Attacks** (中间人攻击, Zhōngjiān rén gōngjí): An attacker could intercept communication between clients and the MCP server, potentially eavesdropping on sensitive data or modifying requests and responses.
  • **Vulnerabilities in MCP Server Software** (MCP 服务器软件中的漏洞, MCP fúwùqì ruǎnjiàn zhōng de lòudòng): The MCP server software itself might contain security vulnerabilities that attackers could exploit to gain control of the server or access sensitive data.
  • **Injection Attacks (e.g., SQL Injection, Command Injection)** (注入攻击, Zhùrù gōngjí): If the MCP server uses user-supplied input without proper sanitization, attackers could inject malicious code into the server's database queries or operating system commands.
  • **Authentication and Authorization Issues** (身份验证和授权问题, Shēnfèn yànzhèng hé shòuquán wèntí): Weak authentication mechanisms or flawed authorization policies could allow unauthorized users to access or modify data and models.

**In summary, the security threats related to MCP, MCP servers, and related content are diverse and depend heavily on the specific implementation and use case. It's crucial to implement robust security measures to protect against these threats.**

If you can provide more details about the specific context of MCP in your situation, I can provide a more tailored and accurate translation and explanation.

AIM-Intelligence

Research & Data

README

Awesome MCP Security

A curated list of awesome resources, papers and tools on Model Context Protocol (MCP) security.

Contributions are welcome. Please read the contribution guidelines before contributing.

Contents

Papers

  • "Model Context Protocol (MCP): Landscape, Security Threats, and Future Research Directions", 2025-03, paper
  • "MCP Safety Audit: LLMs with the Model Context Protocol Allow Major Security Exploits", 2025-04, paper

Security Vulnerabilities

Authentication and Authorization

  • OAuth token theft: MCP servers store authentication tokens for many different services, creating a high-value target for attackers (Pillar Security)
  • Permission boundary issues: unclear boundaries between the individual services connected through MCP (Block InfoSec)

Prompt Injection

  • Tool description tampering: hidden instructions in tool descriptions can cause the AI model to perform unauthorized actions (Pillar Security)
  • Indirect prompt injection: malicious content embedded in processed documents triggers MCP actions (Pillar Security)

Supply Chain

  • Installer risk: MCP server installers that have not been properly verified can introduce security risks (arxiv:2503.23278)
  • Tool name conflicts: naming collisions among MCP tools can lead to confusion and security issues (arxiv:2503.23278)

Tools

Articles and Blog Posts

Other Awesome Projects

Other Useful Resources

Recommended Servers

Crypto Price & Market Analysis MCP Server

A Model Context Protocol (MCP) server that provides comprehensive cryptocurrency analysis using the CoinCap API. The server delivers real-time price data, market analysis and historical trends through an easy-to-use interface.

Featured
TypeScript
MCP PubMed Search

A server for searching PubMed (PubMed is a free online database in which users can search biomedical and life-science literature). I created it on the day MCP was released, but I was on vacation at the time. I saw that someone had published a similar server in your database, but decided to publish mine anyway.

Featured
Python
mixpanel

Connect to your Mixpanel data. Query event, retention and funnel data from Mixpanel analytics.

Featured
TypeScript
Sequential Thinking MCP Server

This server facilitates structured problem solving by breaking complex problems down into sequential steps, supports revisions and enables multiple solution paths through full MCP integration.

Featured
Python
Nefino MCP Server

Gives large language models access to news and information about renewable energy projects in Germany, with filtering by location, topic (solar, wind, hydrogen) and date range.

Official
Python
Vectorize

Vectorize MCP server for advanced retrieval, private deep research, Anything-to-Markdown file extraction and text chunking.

Official
JavaScript
Mathematica Documentation MCP server

A server that provides access to Mathematica documentation via FastMCP, enabling users to retrieve function documentation and list package symbols from Wolfram Mathematica.

Local
Python
kb-mcp-server

An MCP server designed for portability, local operation, simplicity and convenience, supporting semantic/graph-based retrieval over txtai "all in one" embeddings databases. Any txtai embeddings database in tar.gz format can be loaded.

Local
Python
Research MCP Server

This server acts as an MCP server that interacts with Notion to retrieve and create survey data, and integrates with the Claude Desktop Client to conduct and review surveys.

Local
Python
Cryo MCP Server

An API server implementing the Model Completion Protocol (MCP) for Cryo blockchain data extraction, allowing users to query Ethereum blockchain data through any MCP-compatible client.

Local
Python