[lbeurerkellner]

One of the authors here. Thanks for posting. If you are interested in learning more about MCP and agent security, check out some of the following resources, that we have created since we started working on this:

* The full execution trace of the Claude session in this attack scenario: https://explorer.invariantlabs.ai/trace/5f3f3f3c-edd3-4ba7-a...

* MCP-Scan, A security scanner for MCP connections: https://github.com/invariantlabs-ai/mcp-scan

* MCP Tool Poisoning Attacks, https://invariantlabs.ai/blog/mcp-security-notification-tool...

* WhatsApp MCP Exploited, https://invariantlabs.ai/blog/whatsapp-mcp-exploited

* Guardrails, a contextual security layer for agents, https://invariantlabs.ai/blog/guardrails

* AgentDojo, Jointly evaluate security and utility of AI agents https://invariantlabs.ai/blog/agentdojo