AGENTFORCE-MCP-04: MCP Tool Definition Drift (Rug Pull Detection)
๐จ Critical ยท Headless MCP Access
Detects when MCP tool definitions (descriptions, parameters, schemas) have changed since the last certified scan โ indicating a potential Rug Pull attack where a trusted MCP server silently updates its behavior. Also flags tools with dynamic or runtime-fetched descriptions as inherently high-risk.
Detailsโ
| Field | Value |
|---|---|
| Rule ID | AGENTFORCE-MCP-04 |
| Severity | Critical |
| Category | Headless MCP Access |
Remediationโ
Refer to the SquireX documentation for
remediation guidance specific to AGENTFORCE-MCP-04.