Empirical study of 2,214 MCP servers finds 9.93% of 19,200 description-code pairs inconsistent via a new static-analysis-plus-LLM-prompting framework, with security implications.
Don’t believe everything you read: Understanding and measuring mcp behavior under misleading tool descriptions
3 Pith papers cite this work. Polarity classification is still indexing.
citation-role summary
citation-polarity summary
fields
cs.CR 3years
2026 3verdicts
UNVERDICTED 3roles
background 1polarities
background 1representative citing papers
BIV audits AI agent skills at scale, finding 80% deviate from declared behavior on 49,943 skills and achieving 0.946 F1 for malicious skill detection.
VIPER-MCP detects and exploits taint-style vulnerabilities in Model Context Protocol servers via anchor-query static analysis and feedback-driven prompt evolution, uncovering 106 zero-day vulnerabilities across 39,884 repositories with 67 CVEs assigned.
citing papers explorer
-
Description-Code Inconsistency in Real-world MCP Servers: Measurement, Detection, and Security Implications
Empirical study of 2,214 MCP servers finds 9.93% of 19,200 description-code pairs inconsistent via a new static-analysis-plus-LLM-prompting framework, with security implications.
-
Behavioral Integrity Verification for AI Agent Skills
BIV audits AI agent skills at scale, finding 80% deviate from declared behavior on 49,943 skills and achieving 0.946 F1 for malicious skill detection.
-
VIPER-MCP: Detecting and Exploiting Taint-Style Vulnerabilities in Model Context Protocol Servers
VIPER-MCP detects and exploits taint-style vulnerabilities in Model Context Protocol servers via anchor-query static analysis and feedback-driven prompt evolution, uncovering 106 zero-day vulnerabilities across 39,884 repositories with 67 CVEs assigned.