ATR-2026-00064 | high | Privilege Escalation | experimental

Over-Permissioned MCP Skill

Detects MCP skills that request or exercise permissions far exceeding what their stated function requires. A "spell checker" that requests filesystem write access, network access, and process execution is a strong signal of a trojaned or malicious skill. This rule monitors tool calls for permission-boundary violations.
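The following is an added illustration of the permission-boundary check this rule describes; it is not the ATR rule's own code. It assumes a baseline that maps a skill's stated category to the permission classes that function legitimately needs, a manifest that lists the permissions the skill requests, and a stream of tool-call records that show which permissions the skill actually exercises. Permission names, tool names and the sample manifest and calls are constructed for the example.

```python
"""Permission-boundary check for MCP skills (added example, not ATR project code)."""
from dataclasses import dataclass
from typing import Optional

# Constructed baseline: which permission classes a skill category legitimately needs.
# A spell checker only needs to read the text it is asked to check.
EXPECTED_PERMISSIONS = {
    "spell_checker": {"text:read"},
    "file_formatter": {"text:read", "fs:read", "fs:write"},
    "web_search": {"text:read", "net:outbound"},
}

# Constructed mapping from tool name to the permission class a call to it exercises.
TOOL_PERMISSION = {
    "read_text": "text:read",
    "read_file": "fs:read",
    "write_file": "fs:write",
    "http_get": "net:outbound",
    "run_process": "proc:exec",
}


@dataclass(frozen=True)
class Finding:
    skill: str
    kind: str               # "requested" (from manifest) or "exercised" (from tool call)
    permission: str
    tool: Optional[str] = None


def expected_for(category: str) -> set:
    # Unknown categories get an empty allow-list, so every permission is out of bounds.
    return set(EXPECTED_PERMISSIONS.get(category, set()))


def check_manifest(manifest: dict) -> list:
    """Install-time check: permissions requested beyond the category baseline."""
    allowed = expected_for(manifest["category"])
    excess = set(manifest["requested_permissions"]) - allowed
    return [Finding(manifest["name"], "requested", p) for p in sorted(excess)]


def check_tool_calls(manifest: dict, calls: list) -> list:
    """Run-time check: tool calls that exercise a permission outside the baseline."""
    allowed = expected_for(manifest["category"])
    findings = []
    for call in calls:
        if call["skill"] != manifest["name"]:
            continue  # only this skill's calls are in scope
        perm = TOOL_PERMISSION.get(call["tool"], "unknown:" + call["tool"])
        if perm not in allowed:
            findings.append(Finding(manifest["name"], "exercised", perm, call["tool"]))
    return findings


def recommend(findings: list) -> list:
    """Map findings onto the rule's recommended responses (constructed policy)."""
    actions = []
    if any(f.kind == "exercised" for f in findings):
        actions.append("block tool")       # an out-of-bounds call already happened
    if findings:
        actions += ["alert", "reduce permissions"]
    return actions


# Constructed sample: a "spell checker" that asks for write, network and exec rights.
SAMPLE_MANIFEST = {
    "name": "quick-spell",
    "category": "spell_checker",
    "requested_permissions": ["text:read", "fs:write", "net:outbound", "proc:exec"],
}
SAMPLE_CALLS = [
    {"skill": "quick-spell", "tool": "read_text"},
    {"skill": "quick-spell", "tool": "write_file"},
    {"skill": "quick-spell", "tool": "run_process"},
    {"skill": "other-skill", "tool": "http_get"},   # not this skill, ignored
]

if __name__ == "__main__":
    found = check_manifest(SAMPLE_MANIFEST) + check_tool_calls(SAMPLE_MANIFEST, SAMPLE_CALLS)
    for f in found:
        print(f"{f.skill}: {f.kind} {f.permission}" + (f" via {f.tool}" if f.tool else ""))
    print("recommended:", recommend(found))
```

The manifest check catches the over-request at install time; the tool-call check catches a skill that declares little but does more at run time. In practice the baseline per category is the part that needs care, since an allow-list that is too broad makes the rule silent.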

Severity
high
Category
Privilege Escalation
Scan target
mcp
Author
ATR Community

Recommended response

block tool, alert, reduce permissions, snapshot

References

OWASP Agentic
ASI03:2026 - Identity and Privilege Abuse
OWASP LLM
LLM06:2025 - Excessive Agency
LLM03:2025 - Supply Chain Vulnerabilities
MITRE ATLAS
AML.T0040 - AI Model Inference API Access