Skills
Adversa AI May 2026 MCP Security Report: 9 of 11 MCP Registries Successfully Poisoned, Zero-Click Prompt Injection in Windsurf and Cursor
Adversa AI's May 2026 MCP security report reveals that 9 out of 11 MCP registries were successfully poisoned in testing, demonstrating the AI supply chain is trivially compromisable. Attack vectors include unauthenticated UI injection, hardening bypasses in 'protected' environments like Flowise, and zero-click prompt injection in Windsurf and Cursor IDEs. Anthropic has declined to modify the protocol architecture, calling the behavior 'expected.' Builders must treat MCP marketplace installs like untrusted npm packages.
Source
↳ Follow the thread