SAFE-MCP ATT&CK Matrix

Security Analysis Framework for MCP Threats

78 Techniques • 14 Tactics

Reconnaissance

TA0043

No techniques documented

Initial Access

TA0001

T1001

Tool Poisoning

T1002

Supply Chain

T1003

Malicious Server

T1004

Impersonation

+3 more techniques

Execution

TA0002

T1101

Command Injection

T1102

Prompt Injection

T1103

Function Spoofing

T1104

Tool Abuse

+3 more techniques

Persistence

TA0003

T1201

Rug Pull Attack

T1202

Token Persistence

T1203

Backdoor Binary

T1204

Memory Implant

+2 more techniques

Privilege Escalation

TA0004

T1301

Tool Shadowing

T1302

High-Priv Abuse

T1303

Sandbox Escape

T1304

Credential Relay

+3 more techniques

Defense Evasion

TA0005

T1401

Line Jumping

T1402

Steganography

T1403

Consent Fatigue

T1404

Response Tamper

+3 more techniques

Credential Access

TA0006

T1501

Schema Poisoning

T1502

File Credential

T1503

Env-Var Scraping

T1504

Token Theft

+3 more techniques

Discovery

TA0007

T1601

Server Enumeration

T1602

Tool Enumeration

T1603

Prompt Disclosure

T1604

Version Enum

+2 more techniques

Lateral Movement

TA0008

T1701

Cross-Tool Contam

T1702

Memory Poisoning

T1703

Tool-Chain Pivot

T1704

Server Pivot

+3 more techniques

Collection

TA0009

T1801

Data Harvesting

T1802

File Collection

T1803

Database Dump

T1804

API Harvest

+1 more techniques

Command & Control

TA0011

T1901

Webhook C2

T1902

Covert Channel

T1903

Malicious Server

T1904

Chat Backchannel

Exfiltration

TA0010

T1910

Covert Exfil

T1911

Param Exfil

T1912

Stego Response

T1913

HTTP POST

+1 more techniques

Impact

TA0040

T2101

Data Destruction

T2102

Service Disruption

T2103

Code Sabotage

T2104

Fraud Transaction

+1 more techniques

Critical

21

High Risk

30

Medium Risk

19

Low Risk

3