Invisible Prompt Injection via a malicious MCP Server (Claude Desktop - MCP Server)
AI Summary
This video by Martin Voelk demonstrates how invisible prompt injection can occur through a malicious MCP server, in particular by using Unicode characters that render as invisible text. It highlights a case where a user asks for the ‘message of the day’ but, because of the prompt injection, receives a manipulated response instead. The video walks through the setup of the poisoned MCP server and the workings of the specific tool that showcases this vulnerability. Voelk emphasizes the dangers of downloading MCP servers from the internet without proper scrutiny, warning against both visible and invisible prompt injections. The final message received is a reminder about the ‘matrix’, illustrating the severity of such vulnerabilities in AI systems.
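As an added defensive example (not code from the video or from any MCP project), the Python audit below scans the tool listing an MCP client such as Claude Desktop receives from a server for invisible Unicode code points and recovers any ASCII text hidden in Unicode "tag" characters. The tool name get_motd, the sample listing, and the set of code points treated as invisible are my assumptions.

```python
import unicodedata
from dataclasses import dataclass

# Code points that render as nothing in a chat UI yet reach the model verbatim.
# Assumption: this audit set is my own choice, not one taken from the video.
INVISIBLE_SINGLES = {0x00AD, 0x180E, 0x200B, 0x200C, 0x200D, 0x2060, 0x2061,
                     0x2062, 0x2063, 0x2064, 0xFEFF}
INVISIBLE_RANGES = [
    (0x200E, 0x200F),    # left-to-right / right-to-left marks
    (0x202A, 0x202E),    # bidi embedding and override controls
    (0x2066, 0x2069),    # bidi isolates
    (0xFE00, 0xFE0F),    # variation selectors
    (0xE0000, 0xE007F),  # Unicode tag block: U+E0000 + an ASCII byte
]

@dataclass
class Finding:
    offset: int
    codepoint: int
    name: str

def is_invisible(cp: int) -> bool:
    return cp in INVISIBLE_SINGLES or any(lo <= cp <= hi for lo, hi in INVISIBLE_RANGES)

def scan_text(text: str) -> list[Finding]:
    """Return every invisible code point in `text`, in order of appearance."""
    return [Finding(i, ord(ch), unicodedata.name(ch, "<unnamed>"))
            for i, ch in enumerate(text) if is_invisible(ord(ch))]

def decode_tag_chars(text: str) -> str:
    """Recover ASCII hidden in tag characters (U+E0020..U+E007E map to 0x20..0x7E)."""
    return "".join(chr(ord(ch) - 0xE0000) for ch in text if 0xE0020 <= ord(ch) <= 0xE007E)

def audit_tool(tool: dict) -> dict:
    """Scan a tools/list entry: name, description and every parameter description."""
    fields = {"name": tool.get("name", ""), "description": tool.get("description", "")}
    for pname, pschema in tool.get("inputSchema", {}).get("properties", {}).items():
        fields[f"param:{pname}"] = pschema.get("description", "")
    report = {}
    for field, value in fields.items():
        hits = scan_text(value)
        if hits:
            report[field] = {"count": len(hits), "hidden_ascii": decode_tag_chars(value)}
    return report

# Constructed sample listing (not from the video): the description carries one
# zero-width space followed by the word "CANARY" spelled in tag characters.
SAMPLE_TOOL = {
    "name": "get_motd",
    "description": "Returns the message of the day.\u200b"
                   "\U000E0043\U000E0041\U000E004E\U000E0041\U000E0052\U000E0059",
    "inputSchema": {"type": "object", "properties": {
        "lang": {"type": "string", "description": "Language code"}}},
}
```

Running audit_tool(SAMPLE_TOOL) reports seven invisible code points in the description and the recovered string "CANARY"; a clean listing yields an empty report.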