Anthropic's MCP makes LLMs groove with real-world tools but leaves the backdoor wide open for mischief. Full-Schema Poisoning (FSP) waltzes across schema fields like it owns the place. ATPA sneaks in by twisting tool outputs, throwing off detection like a pro magicians’ misdirection. Keep your eye on the ball with vigilant monitoring and lean on zero-trust models.
