Summary: Recent research from Tenable reveals vulnerabilities associated with the Model Context Protocol (MCP) developed by Anthropic, including susceptibility to prompt injection attacks and tool poisoning. These vulnerabilities can be exploited for both malicious intents and, intriguingly, for the development of security tools. Similar risks have also been noted in the newly introduced Agent2Agent (A2A) Protocol that connects AI agents across systems.
Affected: Anthropic’s Model Context Protocol (MCP), Trustwave’s Agent2Agent (A2A) Protocol
Keypoints :
- The MCP framework allows for connection between Large Language Models and external data, but poses risks including excessive permissions and prompt injection attacks.
- New research suggests MCP vulnerabilities can also be leveraged to create security tools that log malicious actions or prevent unauthorized tool use.
- Similarly, the A2A protocol may be manipulated to divert requests to compromised AI agents, exposing sensitive data to potential attackers.
Source: https://thehackernews.com/2025/04/experts-uncover-critical-mcp-and-a2a.html