23. MCP security engineering
Defend against prompt injection, confused-deputy attacks, token passthrough, command injection, path traversal, SSRF, malicious schemas, DNS rebinding, and excessive permissions. Apply least privilege, explicit consent, sandboxing, origin validation, and secure secret storage.