Research
MCP-in-SoS: First Large-Scale Security Analysis of 222 Open-Source MCP Servers
This paper conducts the first large-scale static security analysis of open-source MCP servers, finding exploitable weaknesses across confidentiality, integrity, and availability in many of the 222 Python repositories analyzed. Vulnerabilities are mapped to MITRE ATT&CK patterns, with tool orchestration and memory management flagged as primary risk surfaces. Directly actionable for any team deploying MCP-connected agents in production.
Source
↳ Follow the thread