ATR-2026-00012 | high | Tool Poisoning | experimental
Unauthorized Tool Call Detection
Detects unauthorized or malicious tool call attempts including parameter injection, path traversal, shell injection in string parameters, privilege escalation via parameter manipulation, tool enumeration/discovery, SQL injection in tool arguments, LDAP injection, template injection, environment variable extraction, file operation abuse, and serialization attacks. This rule focuses on parameter-level attacks rather than tool name matching, since tool names are easily changed but injection patterns in arguments are structurally consistent across attack variants.
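The parameter-level approach the description outlines, as an added example that is not part of the ATR rule set: a small Python detector that walks every string argument of an MCP tools/call request and flags the injection classes listed above without ever matching on the tool's name. The request shape, the regexes and the sample calls are constructed assumptions, not the rule's own patterns.

```python
import json
import re

# Constructed, illustrative patterns for the attack classes the rule lists (not the ATR rule's own logic).
INJECTION_PATTERNS = {
    "path_traversal": re.compile(r"(\.\./|\.\.\\|%2e%2e%2f)", re.I),
    "shell_injection": re.compile(r"(;|\|\||&&|`|\$\()\s*\w"),
    "sql_injection": re.compile(r"('\s*(or|and)\s+\d+\s*=\s*\d+|--\s*$|union\s+select)", re.I),
    "template_injection": re.compile(r"(\{\{.*?\}\}|\$\{.*?\})"),
    "env_extraction": re.compile(r"(\$\{?[A-Z_]{3,}\}?|/proc/self/environ|printenv)"),
    "ldap_injection": re.compile(r"\)\s*\(\s*[|&]"),
}

def _walk_strings(value, path=""):
    """Yield (json_path, text) for every string nested anywhere in the arguments object."""
    if isinstance(value, str):
        yield path, value
    elif isinstance(value, dict):
        for key, item in value.items():
            yield from _walk_strings(item, f"{path}.{key}" if path else key)
    elif isinstance(value, list):
        for idx, item in enumerate(value):
            yield from _walk_strings(item, f"{path}[{idx}]")

def inspect_tool_call(call):
    """Inspect one tools/call request; the tool name is recorded for the alert, never matched on."""
    findings = []
    params = call.get("params", {})
    for param, text in _walk_strings(params.get("arguments", {})):
        for category, pattern in INJECTION_PATTERNS.items():
            if pattern.search(text):
                findings.append({"tool": params.get("name"), "param": param, "category": category})
    return findings

# Constructed sample requests in the JSON-RPC tools/call shape; not captured traffic.
SAMPLE_CALLS = [
    {"jsonrpc": "2.0", "id": 1, "method": "tools/call",
     "params": {"name": "read_file", "arguments": {"path": "docs/README.md"}}},
    {"jsonrpc": "2.0", "id": 2, "method": "tools/call",
     "params": {"name": "read_file", "arguments": {"path": "../../etc/passwd"}}},
    {"jsonrpc": "2.0", "id": 3, "method": "tools/call",
     "params": {"name": "run_query", "arguments": {"filter": {"name": "x' OR 1=1 --"}}}},
    {"jsonrpc": "2.0", "id": 4, "method": "tools/call",
     "params": {"name": "echo", "arguments": {"text": "hello && printenv"}}},
]

if __name__ == "__main__":
    for call in SAMPLE_CALLS:
        print(call["id"], json.dumps(inspect_tool_call(call)))
```

The nested `filter.name` hit in the third sample shows why the walk must recurse into objects and arrays rather than only checking top-level argument values.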
Severity
high
Category
Tool Poisoning
Scan target
mcp
Author
ATR Community
Recommended response
block tool, alert, snapshot, escalate
References
OWASP Agentic
ASI02:2026 - Tool Misuse and Exploitation
ASI03:2026 - Identity and Privilege Abuse
OWASP LLM
LLM06:2025 - Excessive Agency
MITRE ATLAS
AML.T0053 - LLM Plugin Compromise