StarryDivineSky

精选了10K+项目，包括机器学习、深度学习、NLP、GNN、推荐系统、生物医药、机器视觉、前后端开发等内容。Selected more than 10k+ projects, including machine learning, deep learning, NLP, GNN, recommendation system, biomedicine, machine vision, etc. Let more excellent projects be discovered by people. Continue to update! Welcome to star!

wuwenjie1992browser-webNOASSERTION

GitHub

0Tools

1Findings

925Stars

Mar 22, 2026Last Scanned

⚠1 low finding detected

Findings1

1low

Low1

lowF4MCP Spec Non-ComplianceMCP07-insecure-config

Server fails MCP spec compliance checks: required:server_name; required:server_version; required:protocol_version; recommended:tool_descriptions; recommended:parameter_descriptions

Follow the MCP specification for server metadata. Include server name, version, and protocol version. Provide descriptions for all tools and parameters.

Security Category Deep Dive

Sub-Category Tree · Remediation Roadmap · Attack Stories · Compliance Overlay · ATLAS Techniques · Maturity Model

⚡

Prompt Injection

Prompt & context manipulation attacks

Maturity

Rules

Sub-Categories

Gaps

64%

Implemented

Tests

Stories

PI-DIRDirect Input Injection

100%3 rules

Injection via tool descriptions and parameter fields

GAP-001Prompt Injection Coverage GapMissing detection coverage for emerging prompt injection attack variants not addressed by current rules

PI-INDIndirect / Gateway Injection

100%4 rules

Hidden instructions via external content and tool responses

PI-CTXContext Manipulation

100%2 rules

Context window saturation and prior-approval exploitation

PI-ENCEncoding & Obfuscation

100%3 rules

Payload hiding via invisible chars, base64, schema fields

PI-TPLTemplate & Output Poisoning

100%2 rules

Injection via prompt templates and runtime tool output