← Back to glossary
Glossary

Tool Poisoning

Reviewed 9 April 2026 Canonical definition

An attack where a malicious MCP tool impersonates a legitimate service or injects hidden instructions into its responses, manipulating agent behavior without the user's knowledge.

Related articles

Product releases 5 Questions Every CISO Should Ask Before Deploying AI Agents Security How to Analyze Multi-Agent AI Attack Surfaces MCP Best CI/CD Tools for MCP Integration

Related terms

Token EconomicsToken Lifetime/Expiration (exp Claim)Token Usage TrackingTool RegistryTool Substitution AttackTool Use (Function Calling)

See how every agent performs — and make it better

Prefactor helps teams observe, evaluate, and improve their AI agents in production — across every framework and provider.

Book a demo View docs