MCP Attacks

Test NameAPI IDDescriptionDetectable Vulnerabilities
AESI: ANSI Escape Sequence InjectionaesiChecks whether MCP tools, resources, or prompt templates can fetch external content and return ANSI-concealed instructions that are hidden from terminal users but still visible to downstream modelsAESI: ANSI Escape Sequence Injection
Stored AESI: ANSI Escape Sequence Injectionstored_aesiChecks whether MCP integrations can persist externally hosted ANSI-concealed instructions and expose them later to downstream modelsStored AESI: ANSI Escape Sequence Injection