3. Context Poisoning via Shared Cache Abuse
Attack: An attacker injects malicious or misleading entries into the MCP cache layer (e.g., Redis), affecting subsequent tasks that rely on cached results.
Impact: Downstream agents receive false positives, corrupted scan results, or wrong actor associations.
Mitigation:
- Use per-task or per-user cache keys
- Expire sensitive cache entries quickly
- Validate cached data against source if critical
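
The three mitigations above combined in one cache wrapper, as an added example that is not part of the original page. A dict stands in for Redis, and the class name `ScopedCache`, the `mcp:` key prefix and the sample scan result are assumptions made for illustration.

```python
import hashlib
import json
import time

class ScopedCache:
    """Dict-backed stand-in for a shared cache such as Redis (constructed here)."""

    def __init__(self, clock=time.monotonic):
        self.store = {}            # key -> (expires_at, JSON text)
        self.clock = clock

    @staticmethod
    def key(user_id, task_id, name):
        # Per-user, per-task key. Length-prefix each part so that
        # ("a:b", "c") and ("a", "b:c") can never map to the same key.
        raw = "".join(f"{len(p)}:{p}" for p in (user_id, task_id, name))
        return "mcp:" + hashlib.sha256(raw.encode()).hexdigest()

    def put(self, user_id, task_id, name, value, ttl_seconds):
        expires_at = self.clock() + ttl_seconds
        self.store[self.key(user_id, task_id, name)] = (expires_at, json.dumps(value))

    def get(self, user_id, task_id, name, source=None):
        # `source` is an optional callable returning the authoritative value;
        # pass it for critical entries. Returns None on miss, expiry or mismatch.
        k = self.key(user_id, task_id, name)
        entry = self.store.get(k)
        if entry is None:
            return None
        expires_at, blob = entry
        if self.clock() >= expires_at:
            del self.store[k]      # expired: evict instead of serving stale data
            return None
        value = json.loads(blob)
        if source is not None and source() != value:
            del self.store[k]      # disagrees with the source: evict and report a miss
            return None
        return value

def demo():
    now = [0.0]                    # fake clock so the run is deterministic
    cache = ScopedCache(clock=lambda: now[0])
    scan = {"host": "10.0.0.5", "open_ports": [22]}   # constructed sample result
    cache.put("alice", "task-1", "scan", scan, ttl_seconds=30)
    hit = cache.get("alice", "task-1", "scan", source=lambda: scan)
    other = cache.get("bob", "task-2", "scan")        # different user/task: miss
    now[0] = 31.0
    expired = cache.get("alice", "task-1", "scan")    # past the TTL: miss
    return hit, other, expired
```

Scoped keys only separate honest readers from each other's entries; an entry altered directly in the backing store is caught by the `source` check or aged out by the TTL.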