Is Your AI Agent Vulnerable?

Is your AI Agent vulnerable to attack?

Read about this Agent Flayer attack, in which security researchers submitted support tickets to Jira in order to get an agent (in this case Cursor) to expose a user's environment variables (secrets such as API keys).

When a Jira ticket can steal your secrets

Two of the key suggestions they make are to turn off auto-run of commands and to have your team inventory and approve the MCP servers used in your company.

  • Turn off auto-run of commands
  • Inventory and approve MCP Servers for your company

Using the Atlassian MCP server would be fine if you don't have routes for untrusted parties to create support tickets that a dev or PM would then read with an agent.
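To make the two suggestions concrete, here is an added example (illustrative code, not Cursor's, Atlassian's or the researchers' implementation) of a policy gate that sits between an agent and its tools. It blocks calls to MCP servers that are not in an approved inventory, never auto-runs command tools, and refuses any command whose instruction originated in content the agent read (such as a ticket) rather than from the user. The server names, tool names, inventory and sample calls are all constructed assumptions for the example.

```python
"""Policy gate for agent tool calls (added example, not the page's code).

Three checks, matching the mitigations discussed above:
  1. Only MCP servers in the approved inventory may be called.
  2. Command-execution tools are never auto-run; a human approves each call.
  3. A command whose instruction came from untrusted content (ticket text,
     a web page, a file) is blocked outright, regardless of settings.
All names and sample data below are constructed for illustration.
"""
from dataclasses import dataclass, field
from typing import Optional

# Constructed inventory: MCP servers the company has reviewed and approved.
APPROVED_MCP_SERVERS = {"atlassian-jira", "internal-docs"}

# Constructed names of tools that execute something on the developer's
# machine. These are the tools that can leak environment variables.
COMMAND_TOOLS = {"run_terminal_command", "execute_shell"}

# Where an instruction may originate. Only "user" is trusted to run commands.
TRUSTED_ORIGINS = {"user"}


@dataclass
class ToolCall:
    tool: str
    args: dict
    server: Optional[str] = None   # None for the agent's built-in tools
    origin: str = "user"           # "user", "ticket", "web", "file", ...


@dataclass
class Decision:
    allowed: bool
    needs_human_approval: bool
    reason: str


@dataclass
class PolicyGate:
    auto_run_enabled: bool = False
    approved_servers: set = field(default_factory=lambda: set(APPROVED_MCP_SERVERS))
    audit_log: list = field(default_factory=list)

    def evaluate(self, call: ToolCall) -> Decision:
        """Decide whether a tool call may proceed, and record the decision."""
        decision = self._decide(call)
        # Every decision is logged so a blocked or held call is visible to
        # the team, not silently dropped.
        self.audit_log.append((call.tool, call.server, call.origin,
                               decision.allowed, decision.reason))
        return decision

    def _decide(self, call: ToolCall) -> Decision:
        # Check 1: unknown MCP servers are rejected before anything else.
        if call.server is not None and call.server not in self.approved_servers:
            return Decision(False, False,
                            f"MCP server {call.server!r} is not in the approved inventory")

        if call.tool in COMMAND_TOOLS:
            # Check 3: content the agent merely read must not drive commands.
            if call.origin not in TRUSTED_ORIGINS:
                return Decision(False, False,
                                f"command instruction originated from untrusted "
                                f"content ({call.origin!r}); blocked")
            # Check 2: with auto-run off, a human approves every command.
            if not self.auto_run_enabled:
                return Decision(True, True,
                                "command tools require explicit human approval")

        return Decision(True, False, "allowed")


if __name__ == "__main__":
    gate = PolicyGate()  # auto-run off, default inventory

    # Constructed sample: an instruction the agent derived from ticket text,
    # asking it to dump the environment. This is the shape of the attack
    # described above; the gate blocks it because of its origin.
    from_ticket = ToolCall("run_terminal_command", {"command": "env"},
                           origin="ticket")
    print(gate.evaluate(from_ticket))

    # Same tool, but requested by the user: allowed, held for approval.
    print(gate.evaluate(ToolCall("run_terminal_command", {"command": "ls"})))

    # A read-only Jira lookup through an inventoried server: allowed.
    print(gate.evaluate(ToolCall("get_issue", {"key": "PROJ-1"},
                                 server="atlassian-jira")))

    # A server nobody approved: rejected.
    print(gate.evaluate(ToolCall("search", {}, server="random-mcp")))
```

The `origin` field is the important design choice: the agent runtime has to tag each proposed action with where its instruction came from, because the text of a ticket and the text of a user request look identical to the model. Turning auto-run off covers the case where that tagging is imperfect, since a human still sees every command before it executes.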