DeepHub IMBA

May 6, 2026 · Information Security

Why MCP’s Protocol Layer Allows Prompt Injection and Hijacks Agent Context

The Model Context Protocol (MCP) embeds every tool’s description into an LLM’s context window, creating a structural “Context Poisoning” vulnerability that lets malicious or bloated tool metadata hijack agent reasoning, inflate tokens, and bypass traditional input validation.