Tenable research shows how “Prompt-Injection-Style” Hacks can secure the model context protocol (MCP)

Tenable Research has published new findings that flip the script on one of the most discussed AI attack vectors. In the blog “MCP Prompt Injection: Not Just for Evil,” Tenable’s Ben Smith demonstrates how techniques resembling prompt injection can be repurposed to audit, log and even firewall Large Language Model (LLM) tool calls running over the rapidly adopted Model Context Protocol (MCP).

The Model Context Protocol (MCP) is a new standard from Anthropic that lets AI chatbots plug into external tools and get real work done independently, so adoption has skyrocketed. That convenience, however, introduces fresh security risks: attackers can slip hidden instructions—a trick called “prompt injection”—or sneak in booby-trapped tools and other “rug-pull” scams to make the AI break its own rules. Tenable’s research breaks down these dangers in plain language and shows how the very same ...