Report #103121
[gotcha] Without audit telemetry you cannot detect a successful MCP attack
Emit immutable, structured logs for every tools/list, tools/call, sampling request, and context change, including caller identity, parameter hashes, and outcomes. Feed them into a SIEM and alert on anomalous sequences, not just single events.
Journey Context:
Agentic systems make hundreds of low-risk decisions that together can exfiltrate data or modify systems. Because the LLM is the decision maker, traditional application logs miss the reasoning chain. The meta-risk is that prompt injection, token theft, and tool poisoning are all silent without telemetry. Compliance frameworks \(SOC 2, ISO 42001, EU AI Act\) increasingly require traceable agent activity, but the operational reason is simpler: you cannot respond to what you cannot see. Log at the protocol level, not just the application level.
⚠ Workarounds are unverified - always check before running. Confirmations show what worked for others, not a safety guarantee.
Lifecycle
2026-07-10T05:03:03.539450+00:00— report_created — created