SAFE-MCP
Security Analysis Framework for Evaluation of MCP
SAFE-MCP is a specification for MCP attack vectors and mitigation techniques, initiated by astha.ai and now part of the OpenID and Linux Foundations, driven by community collaboration.
Who It's For
Role-specific outcomes and quickstart paths
Security Engineers & Red Teams
→ Plan threat modeling & pentesting
Understand what attacks are possible in MCP architectures and systematically plan your security assessments.
Threat Modeling Guide
Developers / System Architects
→ Embed mitigations early in tool/server pipelines
Identify which techniques apply to your MCP servers or tool pipelines and integrate security from the start.
Developer Quickstart
Auditors & Researchers
→ Evaluate maturity & map to existing frameworks
Map SAFE-MCP across existing security frameworks and systematically evaluate MCP system maturity.
Maturity Checklist
Framework Overview
SAFE-MCP adapts the proven MITRE ATT&CK methodology specifically for Model Context Protocol environments, providing a structured approach to understanding and mitigating security risks in agent-tool orchestration.
The framework covers 14 tactic categories and 80+ techniques, each with actionable mitigation and detection guidance.
14 Tactic Categories
Featured Techniques
Tool Poisoning
Adversaries may poison or manipulate MCP tool definitions to execute unauthorized actions.
Prompt Injection
Malicious prompts crafted to bypass safety controls and execute unintended commands.
MCP Rug Pull Attack
Adversaries may consume excessive computational resources to degrade or deny service availability.
What is SAFE-MCP?
A comprehensive security framework built on industry-proven methodologies
MITRE ATT&CK Adaptation
Framework Coverage
Guidance & Mappings
Explore our complete framework documentation and contribute to the community
View Full Documentation