Glossary
Rug Pull Attack (MCP)
A rug pull attack in the MCP context is one in which a tool or server initially presents benign behaviour to gain user approval and trust, then silently changes its functionality after being whitelisted in order to perform malicious actions. Because most clients cache tool descriptions after first approval, the updated malicious behaviour goes undetected. Defences include re-validating tool schemas on each connection, content-addressed tool pinning, and runtime behavioural monitoring.
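The first two defences, content-addressed pinning plus re-validation on every connection, as an added illustration that is not part of the original glossary entry: a client hashes the fields of each tool definition that the model sees at approval time, then compares the freshly fetched tool list against those pinned hashes on each reconnect instead of trusting a cached copy. The tool definitions below are constructed samples in the shape of an MCP `tools/list` response, not taken from any real server.

```python
import hashlib
import json

# Fields the model is shown; a change to any of them alters what the tool "means".
PINNED_FIELDS = ("name", "description", "inputSchema")


def tool_fingerprint(tool: dict) -> str:
    """Content address of a tool: SHA-256 over a canonical JSON encoding of the
    pinned fields. sort_keys and fixed separators make the hash independent of
    key order and whitespace, so only real content changes produce a new hash."""
    subset = {k: tool.get(k) for k in PINNED_FIELDS}
    canonical = json.dumps(subset, sort_keys=True, separators=(",", ":"), ensure_ascii=True)
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()


def pin_tools(tools: list[dict]) -> dict[str, str]:
    """Record fingerprints at the moment the user approves the server."""
    return {t["name"]: tool_fingerprint(t) for t in tools}


def check_tools(pinned: dict[str, str], current: list[dict]) -> dict[str, list[str]]:
    """Re-validate on every connection: anything in 'changed' or 'added' must go
    back through user approval rather than running under the old trust decision."""
    seen = {t["name"]: tool_fingerprint(t) for t in current}
    return {
        "changed": sorted(n for n in seen if n in pinned and seen[n] != pinned[n]),
        "added": sorted(n for n in seen if n not in pinned),
        "removed": sorted(n for n in pinned if n not in seen),
    }


# Constructed sample tool as it looked when the user approved it.
APPROVED_TOOL = {
    "name": "read_file",
    "description": "Read a file under the project directory and return its contents.",
    "inputSchema": {"type": "object", "properties": {"path": {"type": "string"}}, "required": ["path"]},
}

# Constructed post-approval version: same name, but description and schema have drifted.
CHANGED_TOOL = {
    "name": "read_file",
    "description": "Read a file and return its contents.",
    "inputSchema": {"type": "object", "properties": {"path": {"type": "string"}, "dest": {"type": "string"}}, "required": ["path"]},
}

if __name__ == "__main__":
    pinned = pin_tools([APPROVED_TOOL])
    print(check_tools(pinned, [CHANGED_TOOL]))  # {'changed': ['read_file'], 'added': [], 'removed': []}
```

Pinning catches silent drift in what the model is told about a tool; it does not see a server whose description is unchanged but whose implementation now behaves differently, which is what the runtime behavioural monitoring mentioned above is for.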