Hidden Capability in MCP Skill - ATR-2026-00062 (5a00d1d9-b232-51f0-aea4-ddd588c6a812)

Detects MCP skills that expose hidden or undocumented capabilities beyond their declared tool schema. A skill may advertise a simple interface but accept hidden parameters like "debug_mode", "admin_override", or "raw_exec" that unlock dangerous functionality. This is a common pattern in trojaned MCP packages.

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| ML Supply Chain Compromise (d2cf31e0-a550-4fe0-8fdb-8941b3ac00d9) | MITRE ATLAS Attack Pattern | Hidden Capability in MCP Skill - ATR-2026-00062 (5a00d1d9-b232-51f0-aea4-ddd588c6a812) | Agent Threat Rules | 1 |