A security scan of 500 servers on the MCP registry Smithery revealed that 15.3% of them contained security vulnerabilities. These findings include critical issues like file-disguise vectors and tool description injections, with one in six servers exhibiting toxic flows that form complete attack paths. Notably, some well-known services such as Slack, Google Sheets, and AWS documentation were found to have high-severity issues, indicating that even actively maintained and recognizable servers are not immune to these security risks.
Summary written by gemini-2.5-flash-lite from 1 source.
IMPACT Highlights critical security risks in AI agent development tools, potentially impacting enterprise adoption and agent security practices.
RANK_REASON Security research findings on a specific platform.