Context
-
What should the challenge scenario be like?
You want to get access to a secret document in Google Drive that you are not authorized to access (e.g. as default https://docs.google.com/document/d/1PlZkwEd7GouyY4cdOxBuczm6XumQeuZN31LR2BXRgPs/edit?tab=t.0, which is a document in the OWASP Google Drive). But the MCP should use a service account which provides you with a method to obtain the contents of the document.
What should the participant learn from completing the challenge?
That an MCP should not have a more powerful service account than the caller (Agent/user) in order not to allow for escalating privileges.
For what category would the challenge be? (e.g. Docker, K8s, binary)
AI
Did you encounter this in real life? Could you tell us more about the scenario?
All the time: we see many MCPs created by people that allow for escalating privileges.
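The privilege gap described in this proposal, as an added sketch that is not part of the original issue or of any project code: an in-memory model of an MCP document tool whose service account can read more than the caller, next to a variant that authorizes as the caller first. The document store, the identities and every function name are hypothetical stand-ins, and no Google Drive API is called.

```python
# Added illustration with constructed data; all names here are hypothetical.
from dataclasses import dataclass, field

SERVICE_ACCOUNT = "mcp-svc@example.invalid"  # constructed service identity


@dataclass
class Document:
    content: str
    readers: set = field(default_factory=set)  # principals allowed to read


# Constructed sample store: the service account can read every document.
DOCS = {
    "public-notes": Document("meeting notes", {"alice", "bob", SERVICE_ACCOUNT}),
    "secret-doc": Document("the secret", {"alice", SERVICE_ACCOUNT}),
}


class AccessDenied(Exception):
    """Raised for both missing documents and missing permission."""


def can_read(principal: str, doc_id: str) -> bool:
    doc = DOCS.get(doc_id)
    return doc is not None and principal in doc.readers


def _fetch_as(principal: str, doc_id: str) -> str:
    # Backend read: the ACL is enforced for whoever makes the request.
    if not can_read(principal, doc_id):
        raise AccessDenied(doc_id)
    return DOCS[doc_id].content


def read_document_vulnerable(caller: str, doc_id: str) -> str:
    # Confused deputy: the caller identity is ignored, so the backend only
    # ever sees the over-privileged service account.
    return _fetch_as(SERVICE_ACCOUNT, doc_id)


def read_document_hardened(caller: str, doc_id: str) -> str:
    # Authorize as the caller before the service account touches anything.
    # Unknown ids and forbidden ids fail identically, so the tool does not
    # reveal which documents exist.
    if not can_read(caller, doc_id):
        raise AccessDenied(doc_id)
    return _fetch_as(SERVICE_ACCOUNT, doc_id)
```

The hardened variant keeps the service account as a transport identity only: the effective permission is the intersection of what the caller and the service account may read.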