The paper introduces MCPThreatHive, an open-source platform designed to automate the lifecycle of threat intelligence specifically for Model Context Protocol (MCP) ecosystems. It addresses the limitations of existing security tools by providing continuous, multi-source data collection, AI-driven threat extraction and classification based on the MCP-38 taxonomy, and structured knowledge graph storage. The platform fills critical gaps in compositional attack modeling, continuous threat intelligence, and unified multi-framework classification for MCP-based systems.
Existing security tools are blind to critical threat vectors in agentic systems, but MCPThreatHive offers an automated, open-source solution to illuminate and classify these risks.
The rapid proliferation of Model Context Protocol (MCP)-based agentic systems has introduced a new category of security threats that existing frameworks are inadequately equipped to address. We present MCPThreatHive, an open-source platform that automates the end-to-end lifecycle of MCP threat intelligence: from continuous, multi-source data collection through AI-driven threat extraction and classification, to structured knowledge graph storage and interactive visualization. The platform operationalizes the MCP-38 threat taxonomy, a curated set of 38 MCP-specific threat patterns mapped to STRIDE, OWASP Top 10 for LLM Applications, and OWASP Top 10 for Agentic Applications. A composite risk scoring model provides quantitative prioritization. Through a comparative analysis of representative existing MCP security tools, we identify three critical coverage gaps that MCPThreatHive addresses: incomplete compositional attack modeling, absence of continuous threat intelligence, and lack of unified multi-framework classification.