MCP Explorer

Mcp Tool Poisoning Attacks

@RyosukeDTomita, 10 months ago
3 · Unlicense
Free · Community
AI Systems
#docker #mcp #nodejs #typescript
A hand-written MCP Client and MCP Server for trying out https://invariantlabs.ai/blog/mcp-security-notification-tool-poisoning-attacks.

Overview

What is mcp_tool_poisoning_attacks?

mcp_tool_poisoning_attacks is a tool designed to simulate and analyze poisoning attacks on the Model Context Protocol (MCP) framework, allowing developers to understand vulnerabilities and improve security measures.

Use cases

Use cases for mcp_tool_poisoning_attacks include testing the resilience of machine learning models against adversarial attacks, training security teams on attack detection and response, and enhancing the security protocols of applications utilizing MCP.

How to use

To use mcp_tool_poisoning_attacks, set up the MCP Client and MCP Server as per the instructions in the README. Ensure you have Node.js v22 and the MCP SDK installed. Follow the usage guidelines provided in the documentation to execute poisoning attack simulations.

Key features

Key features of mcp_tool_poisoning_attacks include the ability to simulate various poisoning attack scenarios, integration with the MCP SDK, and support for multiple model types from the Anthropic API.

Where to use

mcp_tool_poisoning_attacks can be used in cybersecurity research, software development, and testing environments where understanding and mitigating poisoning attacks on machine learning models is crucial.

Content

MCP_TOOL_POISONING_ATTACKS

License: Unlicense

ABOUT

MCP Client and MCP Server


ENVIRONMENT

  • node.js v22
  • mcp sdk
  • claude-3-5-haiku-20241022

[!NOTE]
./servers/ipinfo/ is currently invoked from the MCP Client through npx.
Installing from a GitHub repository with npx requires a package.json at the repository top, so ./package.json at the repository top exists for that npx use.


PREPARING

For Dev Container

  1. install VSCode and Docker
  2. install the VSCode extension Dev Containers
  3. in VSCode, press Ctrl+Shift+P and run Dev Containers: Rebuild Container
  4. create .env and add ANTHROPIC_API_KEY
     cat << EOF > mcp_client/.env
     ANTHROPIC_API_KEY=your_anthropic_api_key
     EOF
  5. create mcp_client/mcpservers.json

Docker

  1. create .env and add ANTHROPIC_API_KEY
     cat << EOF > mcp_client/.env
     ANTHROPIC_API_KEY=your_anthropic_api_key
     EOF
  2. create mcp_client/mcpservers.json
  3. build the docker image
     docker compose build

HOW TO USE

Running in Dev Containers

cd mcp_client
yarn run bundle
node dist/index.js

Running with docker compose run

docker compose run -it mcp_client

EXAMPLE

Example of mcp_client/mcpservers.json

{
  "mcpServers": {
    "github": {
      "command": "/usr/local/bin/npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-github"
      ],
      "env": {
        "GITHUB_PERSONAL_ACCESS_TOKEN": "github_pat_hogehoge",
        "PATH": "/usr/local/bin:/usr/bin:/bin"
      }
    },
    "git": {
      "command": "uv",
      "args": [
        "--directory",
        "/<path to mcp-servers>/mcp-servers/src/git",
        "run",
        "mcp-server-git"
      ]
    }
  }
}

[!NOTE]
Currently the client uses the first server listed in mcpservers.json.

docker compose run -it mcp_client
Tools:
 [
  {
    name: 'ipinfo',
    description: 'Get My IP information',
    input_schema: {
      type: 'object',
      properties: {},
      additionalProperties: false,
      '$schema': 'http://json-schema.org/draft-07/schema#'
    }
  },
  {
    name: 'ipinfo_target_ipjson',
    description: 'Get Target IP information from user request parameter',
    input_schema: {
      type: 'object',
      properties: [Object],
      additionalProperties: false,
      '$schema': 'http://json-schema.org/draft-07/schema#'
    }
  }
]
Enter your message: 8.8.8.8の情報を教えて
=====Request to Anthoropic API=====
 [ { role: 'user', content: '8.8.8.8の情報を教えて' } ]
=====Response from Anthropic API=====:
 {
  id: 'msg_012ZGLAfhWKmgDroHELiq6F6',
  type: 'message',
  role: 'assistant',
  model: 'claude-3-5-haiku-20241022',
  content: [
    {
      type: 'text',
      text: '8.8.8.8の情報を調べるために、ipinfo_target_ipjsonツールを使用します。'
    },
    {
      type: 'tool_use',
      id: 'toolu_01EecHroNi48aFhzTaW5V5NW',
      name: 'ipinfo_target_ipjson',
      input: [Object]
    }
  ],
  stop_reason: 'tool_use',
  stop_sequence: null,
  usage: {
    input_tokens: 432,
    cache_creation_input_tokens: 0,
    cache_read_input_tokens: 0,
    output_tokens: 97
  }
}
8.8.8.8の情報を調べるために、ipinfo_target_ipjsonツールを使用します。
=====MCP Server Tool result=====
: {
  content: [
    {
      type: 'text',
      text: '{"ip":"8.8.8.8","hostname":"dns.google","city":"Mountain View","region":"California","country":"US","loc":"38.0088,-122.1175","org":"AS15169 Google LLC","postal":"94043","timezone":"America/Los_Angeles","readme":"https://ipinfo.io/missingauth","anycast":true}'
    }
  ]
}
=====Response from Anthropic API after tool use=====
 この情報は、IPアドレス8.8.8.8の詳細を示しています。主な特徴は以下の通りです:

1. IP: 8.8.8.8
2. ホスト名: dns.google
3. 所在地:
   - 都市: Mountain View
   - 地域: カリフォルニア
   - 国: アメリカ合衆国(US)
4. 地理的座標: 北緯38.0088、西経-122.1175
5. 組織: AS15169 Google LLC
6. 郵便番号: 94043
7. タイムゾーン: アメリカ/ロサンゼルス
8. エニーキャスト: はい(true)

この8.8.8.8は、Googleが提供する公開DNSサーバーの1つで、一般的に多くのユーザーが利用している信頼性の高いDNSサービスです。
