BREAKING
Microsoft Warns: Hidden MCP Instructions
How the Tool-Poisoning Attack Works
1
Agent loads tool description
↓
2
Hidden instructions embedded
↓
3
Agent treats them as legit
↓
4
Data sent outward
0
unpaid invoices leaked
Injection Success: 50%+ vs Under 2%
No mitigation
50
With Spotlighting
2
Microsoft's Mitigation Toolkit
Detection
Public Preview
●
Agent Governance Toolkit
●
Prompt Shields
●
Work IQ MCP
Control
●
Human-in-the-Loop approvals
●
Purview DLP
●
Entra Agent ID
Least Agency Now Key for Agents
AI NEWS BLITZ
Microsoft warns that hidden instructions in MCP tools can hijack AI agents.