lbeurerkellner 7 days ago
Original author of some of the initial security notes at Invariant Labs here. Some resources, if you want to learn about MCP security:

* Initial Security Note describing Tool Poisoning, Rug Pulls, and Tool Shadowing for the first time, with diagrams and detailed experiments: https://invariantlabs.ai/blog/mcp-security-notification-tool...
* Attack on WhatsApp MCP (both tool poisoning and take-over via an infected message to your account): https://invariantlabs.ai/blog/whatsapp-mcp-exploited
* BrowserMCP attack, where it suffices for the agent to visit a compromised website (https://access.invariantlabs.ai): https://x.com/lbeurerkellner/status/1912145060763742579

We also recently released a security scanning tool to detect and prevent such attacks, including upcoming support for full proxying and local security scanning of tool-calling payloads and responses. Please have a look and provide feedback if you can: https://github.com/invariantlabs-ai/mcp-scan