2. Privilege Escalation via Misconfigured Shell Wrappers

Attack: An MCP server uses a wrapper script that unintentionally runs with escalated permissions or accesses system-level files.

Scenario: A pdf_parser agent allows reading from any file path:

{"task": "parse", "file_path": "/etc/shadow"}

Mitigation:

  • Use scoped working directories
  • Enforce file access policies
  • Run in non-root containers with strict mount controls
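The first two mitigations, a scoped working directory plus an enforced access policy, can be checked at the point where the tool handler receives the task. The Python below is an added example, not code from the original page or from any MCP project; it assumes a hypothetical pdf_parser handler that accepts the JSON task shown above and a scope directory (SCOPE_ROOT) it is allowed to read. It goes slightly beyond the page's single case: besides the absolute "/etc/shadow" request it also rejects ".." traversal and a symlink planted inside the scope that points outside it, since all three resolve to the same place.

```python
"""Scoped file access for a hypothetical pdf_parser MCP tool.

Added example (not code from the original page). Assumes a tool handler
that receives a JSON task like {"task": "parse", "file_path": "..."} and
may only read files under one working directory (the scope root).
"""
import json
import os
import tempfile
from pathlib import Path

ALLOWED_SUFFIXES = {".pdf"}   # policy: the parser only needs PDF files


class AccessDenied(Exception):
    """Raised when a request points outside the scoped directory or policy."""


def resolve_in_scope(scope_root: str, requested: str) -> Path:
    """Return the real path of `requested` if it lies under `scope_root`.

    Relative paths are taken relative to scope_root; absolute paths are
    accepted only if, after symlink resolution, they are still inside it.
    """
    root = Path(scope_root).resolve(strict=True)
    candidate = Path(requested)
    if not candidate.is_absolute():
        candidate = root / candidate
    # resolve() follows symlinks and collapses "..", so a symlink inside the
    # scope that targets /etc/shadow is caught just like "../../etc/shadow".
    real = candidate.resolve(strict=False)
    try:
        real.relative_to(root)
    except ValueError:
        raise AccessDenied(f"{requested!r} resolves outside {root}")
    if real.suffix.lower() not in ALLOWED_SUFFIXES:
        raise AccessDenied(f"{requested!r}: only {sorted(ALLOWED_SUFFIXES)} files are allowed")
    return real


def handle_parse_task(scope_root: str, task_json: str) -> dict:
    """Validate the task, then return the file header or a deny result."""
    task = json.loads(task_json)
    if task.get("task") != "parse" or not isinstance(task.get("file_path"), str):
        return {"ok": False, "error": "malformed task"}
    try:
        path = resolve_in_scope(scope_root, task["file_path"])
    except AccessDenied as exc:
        # Deny and report: the message names the request, not server internals.
        return {"ok": False, "error": str(exc)}
    except FileNotFoundError:
        return {"ok": False, "error": "scope root does not exist"}
    if not path.is_file():
        return {"ok": False, "error": "not a regular file"}
    with open(path, "rb") as fh:
        head = fh.read(4)
    return {"ok": True, "path": str(path), "header": head}


def demo() -> dict:
    """Build a constructed scope directory and run four requests against it."""
    scope = tempfile.mkdtemp(prefix="pdf_scope_")
    (Path(scope) / "report.pdf").write_bytes(b"%PDF-1.7\n...")       # constructed sample file
    os.symlink("/etc/shadow", Path(scope) / "innocent.pdf")          # symlink escaping the scope
    requests = {
        "inside": '{"task": "parse", "file_path": "report.pdf"}',
        "absolute": '{"task": "parse", "file_path": "/etc/shadow"}',
        "traversal": '{"task": "parse", "file_path": "../../../../etc/shadow"}',
        "symlink": '{"task": "parse", "file_path": "innocent.pdf"}',
    }
    return {name: handle_parse_task(scope, req) for name, req in requests.items()}


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:10s} -> {result}")
```

Running the block prints one line per request: only "inside" returns ok with the "%PDF" header; the absolute, traversal and symlink requests are all denied because their resolved path is not under the scope root. The check relies on resolving symlinks before comparing, which is why the comparison is done on `Path.resolve()` output rather than on the string the client sent; the third mitigation (a non-root container with strict mounts) is what limits the damage if this check is ever bypassed.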