
MCP Tool Validation


GenAIScript added a few features to secure Model Context Protocol (MCP) tools and mitigate specific attacks such as rug pulls, tool poisoning, and prompt injection.

Starting with v1.127, you can configure the following options as documented here:

  • Tools signature hash to prevent rug pull attacks, where the list of tools is modified without your knowledge.

    script({
        mcpServers: {
            playwright: {
                ...,
                toolsSha: "..."
            }
        }
    })

  • Prompt injection detection using a content safety scanner. This scans both the tools definition file, to prevent tool poisoning, and every tool output, to prevent prompt injection.

    script({
        mcpServers: {
            playwright: {
                ...,
                detectPromptInjection: "always"
            }
        }
    })

  • In fact, every tool can be instrumented with content safety scanning.

    defTool("fetch", "Fetch a URL", { url: { type: "string" } },
        async args => ...,
        {
            detectPromptInjection: "always"
        })

Are we done?

There are still many other security aspects to consider when using MCP tools; these features address just a few of them.