Hello, you are using an old browser that's unsafe and no longer supported. Please consider updating your browser to a newer version, or downloading a modern browser.

Global Accelerated Learning • Est. 1999
Glossary Term Tool Poisoning

Training Camp • Cybersecurity Glossary

What is Tool Poisoning?

Tool poisoning hides malicious instructions in MCP tool descriptions to hijack LLM agents, a form of indirect prompt injection against AI tools.

Glossary > AI Security & Data Privacy > Tool Poisoning

Understanding Tool Poisoning

Tool poisoning is an AI security attack in which malicious instructions are embedded in the description or metadata of a tool exposed to a large language model agent, such as through the Model Context Protocol (MCP). Because the model reads tool descriptions to decide how and when to call them, hidden directives can hijack the agent's behavior, exfiltrate data, or trigger unauthorized actions without the user seeing the injected content, making it a form of indirect prompt injection.

Learn More About Tool Poisoning:

Ready to Get Certified?

Turn knowledge into credentials with our instructor-led cybersecurity boot camps.

View All Courses →