AI SecurityPoisoned Tool Descriptions Turn Helpful AI Agents Into Quiet Exfiltration Channels
Microsoft Incident Response demonstrates how a single malicious MCP-style tool description can coax an agent into leaking corporate data — without tripping a single policy check.