2. Privilege Escalation via Misconfigured Shell Wrappers
Attack: An MCP server launches its tool through a wrapper script that unintentionally runs with escalated permissions, so any file the tool is told to open is read with those permissions, including system-level files.
Scenario: A pdf_parser agent reads from whatever file path the caller supplies, with no check that the path lies inside the directory it was meant to serve:
{"task": "parse", "file_path": "/etc/shadow"}
Mitigation:
- Use scoped working directories
- Enforce file access policies
- Run in non-root containers with strict mount controls
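The first two mitigations, as an added example that is not code from any real MCP server: the path is resolved with realpath and rejected unless it stays under an operator-chosen base directory, which also catches `..` segments and symlinks planted inside the scope; the task shape, the `base_dir` parameter and the sandbox built by `demo()` are assumptions for illustration.

```python
import os
import tempfile
from pathlib import Path


def resolve_scoped_path(base_dir: str, file_path: str) -> Path:
    """Return the real path of file_path only if it stays inside base_dir.

    Both sides go through realpath so '..' segments and symlinks inside the
    scope cannot redirect the tool to /etc/shadow. Escapes raise PermissionError.
    """
    base = Path(os.path.realpath(base_dir))
    # Relative paths are joined to the scope; pathlib keeps absolute ones as
    # given, so both kinds are judged by where they really resolve.
    candidate = Path(os.path.realpath(base / file_path))
    if candidate != base and base not in candidate.parents:
        raise PermissionError(f"{file_path!r} resolves outside {base}")
    return candidate


def handle_parse_task(task: dict, base_dir: str) -> dict:
    """Policy check in front of the parser: deny first, touch the file only on success."""
    if task.get("task") != "parse" or not isinstance(task.get("file_path"), str):
        return {"status": "denied", "reason": "malformed task"}
    try:
        target = resolve_scoped_path(base_dir, task["file_path"])
    except PermissionError as exc:
        return {"status": "denied", "reason": str(exc)}
    if not target.is_file():
        return {"status": "denied", "reason": "not a regular file in scope"}
    return {"status": "ok", "path": str(target), "bytes": target.stat().st_size}


def demo() -> dict:
    """Constructed sandbox: one allowed PDF plus a symlink that points out of scope."""
    with tempfile.TemporaryDirectory() as scope, tempfile.TemporaryDirectory() as outside:
        Path(scope, "report.pdf").write_bytes(b"%PDF-1.4 constructed sample")
        secret = Path(outside, "secret.txt")
        secret.write_text("not for the parser")
        results = {}
        for name, req in [("in_scope", "report.pdf"), ("absolute", "/etc/shadow"),
                          ("traversal", "../../etc/shadow")]:
            results[name] = handle_parse_task({"task": "parse", "file_path": req}, scope)["status"]
        try:
            os.symlink(secret, Path(scope, "link.pdf"))
            results["symlink"] = handle_parse_task({"task": "parse", "file_path": "link.pdf"}, scope)["status"]
        except OSError:  # platform without symlink support
            results["symlink"] = "skipped"
    return results
```

The third mitigation (a non-root container with strict mounts) is a second layer underneath this check, so that a bug here still cannot reach files the process was never mounted with.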