MCPS is now an IETF Internet-Draft. Read the spec →
Interactive Security Demo

See MCPS block attacks in real time

Every scenario runs real ECDSA P-256 cryptography. No mocks. No simulations. Click any attack to see MCPS stop it live.

Read Whitepaper GitHub
13
Attack Scenarios
6
Real CVEs Blocked
5
Trust Levels (L0-L4)
0
Dependencies
MCPS Trust Framework
L0
Unsigned
Plain MCP, no identity
L1
Identified
Passport presented
L2
Verified
Trust Authority signed
L3
Scanned
SDLC scan passed
L4
Audited
Full manual audit

Every agent gets a trust score. Higher levels unlock more capabilities. Self-signed = L0. agentsign.dev verification = L2+.

Real-World MCP Security Incidents

These are documented, published CVEs and breaches — not hypotheticals. Click scenarios 8-13 to see MCPS block each one:

CVE-2025-6514 (CVSS 9.6)
mcp-remote RCE — 437K downloads affected
CVE-2025-49596 (CVSS 9.4)
MCP Inspector RCE — crafted response executes code
CVE-2025-68145 (3-CVE chain)
mcp-server-git — path traversal + command injection
Smithery.ai Breach
3,243 MCP servers exposed, API keys compromised
postmark-mcp Backdoor
First malicious MCP server — BCC'd all emails to attacker
Asana Cross-Tenant Leak
1,000 customers exposed for 34 days — no tenant isolation

The root cause in every case: no agent identity, no message signing, no trust verification.

Scenarios
13 attacks. 13 results. All real crypto.
7 protocol attacks + 6 real-world CVEs. Every scenario uses live ECDSA P-256 from mcp-secure@1.0.2.

AgentSign — Zero Trust for AI Agents
agentsign.dev mcp-secure@1.0.2 IETF Draft Compliance
IETF Draft OWASP Aligned Zero Trust