We Audited 7 Official MCP Servers — 6 Got F

An audit of Anthropic's Model Context Protocol (MCP) servers found that 6 out of 7 had alarmingly bad prompt-level defenses, making them vulnerable to prompt injection. This issue stems from the trust contract between AI agents and tool descriptions, similar to recent "Comment & Control" disclosures.