Skip to main content
Interactive 3D/MCP Security: Permissions and Threat Model
Permission Matrix - Trust: trusted
Serverreadwriteexecutenetworkdelete
๐Ÿ“‚ Filesystem
๐ŸŒ Web Browser
๐Ÿ“ง Email
๐Ÿ’ป Code Executor
๐Ÿ—„๏ธ Database
โœ“ Granted? Requires Approvalโœ— Deniedยท Click a cell to toggle
Approval Escalation Scenario - Filesystem Write
Agent requests write to ~/Documents/report.md
Prompt Injection Simulator
Idle
Press "Simulate" to see a prompt injection attempt.
Trust Level
Threat Model
Key rule: Apply least-privilege permissions. Never grant write/execute to a server that only needs read. User approval gates are essential for irreversible actions.

MCP Security: Permissions and Threat Model - Interactive Visualization

MCP security is one of the most underappreciated risks in agentic AI. This visualization covers the three critical attack vectors: prompt injection via resource content (malicious files hijacking tool calls), over-privileged tools (giving write access when only read is needed), and the confused deputy problem (server credentials granting more access than the user should have). The permission matrix shows how to apply least-privilege principles across filesystem, browser, email, code executor, and database servers.

  • Clickable permission matrix across 5 server types (filesystem, browser, email, code executor, database) and 5 permission types
  • Three trust levels - sandboxed, trusted, full - each rewrites the permission matrix instantly
  • Interactive approval escalation scenario: trigger a write request and approve or deny it
  • Prompt injection simulator: toggle sanitization on/off and see the attack succeed or get blocked

Part of the EngineersOfAI Interactive 3D - free interactive visualizations covering every major concept in machine learning and AI engineering. Hover any element for a plain-English explanation. No code required.