54 Questions to an MCP Security Server: A Catalog of Prompt Injection Attempts

📄 Chinese Summary (translated)

In a three-day experiment, 210 AI agents accessed my public MCP security server, and 118 of those sessions called the natural-language question tool, api_ask. Of those 118 calls, 54 contained actual questions. Analyzing these 54 questions revealed every major prompt injection technique, each tested in a live environment against an active AI system. The result: none of the attempts succeeded. The study shows the current defensive capability of AI systems against prompt injection attacks.

📄 English Summary

Over a three-day period, 210 AI agents accessed my public MCP security server, with 118 calls made to the natural language question tool, api_ask. Among these, 54 contained actual questions. Analyzing these 54 questions revealed a catalog of every major prompt injection technique, tested in real-time against a live AI system. The outcome showed that none of the attempts succeeded. This research highlights the current defensive capabilities of AI systems against prompt injection attacks.
