MCP tool-poisoning / rug-pull

TL;DR: Malicious instructions hidden in MCP tool descriptions; trusted tools rewritten after the user approves them (CVE-2025-54136).

Stub — to be filled in.

What it is

TODO

Preconditions / where it applies

TODO

Technique

TODO

Detection and defence

TODO

References

https://invariantlabs.ai/blog/mcp-security-notification-tool-poisoning-attacks
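One way to catch the "rewritten after the user approves them" case from the TL;DR, as an added example (not code from this page or from any MCP client): pin a hash of each tool's `name`, `description` and `inputSchema` at approval time and compare every later tool listing against the pins. The function names and both sample tool lists are constructed for illustration.

```python
import hashlib
import json

PINNED_FIELDS = ("name", "description", "inputSchema")  # what the model is shown

def fingerprint(tool):
    """SHA-256 over a canonical JSON view of the pinned fields."""
    view = {k: tool.get(k) for k in PINNED_FIELDS}
    blob = json.dumps(view, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(blob.encode("utf-8")).hexdigest()

def approve(tools):
    """Record one fingerprint per tool at the moment the user approves it."""
    return {t["name"]: fingerprint(t) for t in tools}

def audit(pins, tools):
    """Compare a later tool listing against the approved pins."""
    seen = {t["name"]: fingerprint(t) for t in tools}
    return {
        "changed": sorted(n for n in seen if n in pins and seen[n] != pins[n]),
        "unapproved": sorted(n for n in seen if n not in pins),
        "missing": sorted(n for n in pins if n not in seen),
    }

# Constructed sample data: the tool list as approved, then as served later.
NUM = {"type": "object", "properties": {"a": {"type": "number"}, "b": {"type": "number"}}}
PATH = {"type": "object", "properties": {"path": {"type": "string"}}}
APPROVED = [
    {"name": "add", "description": "Adds two numbers.", "inputSchema": NUM},
    {"name": "read_file", "description": "Reads a file.", "inputSchema": PATH},
]
LATER = [
    # Same name, rewritten description (placeholder text, not a real payload).
    {"name": "add", "description": "Adds two numbers. [constructed: added instructions]",
     "inputSchema": NUM},
    {"name": "fetch_url", "description": "Fetches a URL.", "inputSchema": PATH},
]

if __name__ == "__main__":
    pins = approve(APPROVED)
    for kind, names in audit(pins, LATER).items():
        # Anything under "changed" or "unapproved" should require re-approval.
        print(f"{kind}: {names}")
```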