Large language models are increasingly extensible. Whether they’re called “skills,” “plugins,” “tools,” or “MCP servers,” the core idea is the same: let an LLM invoke external code, read external data, and act on external instructions. It’s also one of the most serious attack surfaces in modern AI systems. Table Of Contents What’s the problem? Prompt […]