model context problems

a running record of publicly disclosed security incidents in the Model Context Protocol ecosystem. because what could possibly go wrong when you let language models autonomously talk to everything?

what is this

Model Context Problems is a running timeline of publicly disclosed security incidents, vulnerabilities, and design failures in the Model Context Protocol (MCP) ecosystem. Think of it as a public changelog for "agentic AI is harder than we admitted," compiled by someone who finds the situation funny and concerning in roughly equal measure.

what is MCP

The Model Context Protocol is an open standard that lets AI assistants talk to external tools, APIs, databases, and services. The pitch: your assistant gains "context" about the world beyond its training data. Calendars, codebases, filesystems, vector stores, payment rails, whatever.

The pitch is compelling. The implementation, as documented below, has been uneven.

why does this exist

This site exists to:

  • Centralize publicly disclosed MCP security incidents in one searchable timeline
  • Raise the bar on what "shipping an agentic feature" actually entails security-wise
  • Provide a useful primary source for researchers, practitioners, and skeptics
  • Gently remind everyone that "move fast and break things" hits differently when the thing has root access and a credit card

We're not saying MCP is fundamentally broken. We're saying that connecting language models to sensitive systems via a protocol where tool descriptions are themselves untrusted input requires the kind of security design rigor that the track record so far does not reflect.

isn't this just snark

A little. The tone is tongue-in-cheek because the alternative is dry CVE-database prose, and that genre is already well-covered. The incidents, severities, CVEs, and links are real. The commentary is real opinion, not parody. You can take or leave the editorializing. The data stands on its own.

contributing

Missing an incident? Disagree with a take? Found a typo or a broken source link? Corrections and new incidents are always welcome — email [email protected].