Armitage Archive
← Back to Home

The Rug Pull: Silent Redefinition

MCP tools can mutate their own definitions after installation. You approve a safe-looking tool on Day 1, and by Day 7 it's quietly rerouted your API keys to an attacker.

It's the supply chain problem all over again — but now inside LLMs.