4 posts tagged with "Security"

MCP, an extension layer for AI and LLM systems, now underpins many AI agents. At the same time, multiple attack vectors have been identified that build on this new AI and LLM context. The best known is MCP tool poisoning, where an agent is tricked into running harmful actions. This was discovered because of the combination of nondeterministic LLM behavior and the new concept of shared context.

While new attack methods emerge, long standing attack vectors are also being exposed by unsafe parts of the MCP specification.

As of July 2025, the Model Context Protocol (MCP) has evolved through three major versions (2024-11-05, 2025-03-26, and 2025-06-18). Today, MCP has become an integral part of our daily development workflow, with developers launching MCP servers via npx commands, uv commands, or Docker containers from MCP clients like Cursor, Claude Code, and VS Code, while also connecting to remote MCP servers.

Japanese article is here.

Summary​

There is a risk of leaking sensitive information from the .git folder that remains in a Docker image if the following conditions are met

English article is here.

要約​

以下の条件を満たすときにDockerイメージ内に残留する.gitフォルダーから機密情報が流出する恐れがあります。