MCPGuard : Automatically Detecting Vulnerabilities in MCP Servers

Large Language Models (LLMs) have undergone continuous advancement, achieving significant breakthroughs in both inference speed and output quality, while increasingly gaining the capability to select and invoke external tools. A growing number of LLM-based agents have emerged--capable not only of engaging in multi-turn dialogues or solving International Mathematical Olympiad (IMO) level problems, but also of autonomously planning actions, making decisions, and interacting with external APIs, databases, and tools when faced with complex tasks. However, disparate databases, web services, and applications remain largely siloed, posing substantial engineering complexity for developers due to the lack of seamless integration and extensibility. To address this challenge, the Model Context Protocol (MCP) [1] has been introduced as a standardized interface for connecting LLMs with external data sources. MCP significantly reduces integration overhead and establishes a secure, trusted communication channel between MCP clients and servers, thereby fulfilling the scalability and interoperability requirements of AI-powered services.