About
Manas focuses on MCP security -- how Model Context Protocol servers get compromised, and how to stop it. His work covers tool poisoning attacks, supply chain threats targeting MCP skill marketplaces, and container sandboxing for production agent deployments.
He writes at OpenclawMCP to document real attack patterns and provide tested hardening configurations for developers building with MCP servers and OpenClaw.
Areas of Focus
- MCP Tool Poisoning -- How malicious instructions hidden in tool descriptions hijack AI agent behavior, and defense strategies combining vetting, sandboxing, and runtime monitoring.
- Supply Chain Security -- Analyzing threats to MCP skill marketplaces like ClawHub, including the ClawHavoc campaign that poisoned 1,184 skills.
- Docker Sandboxing -- Hardened container configurations for MCP servers, including per-server network isolation, capability dropping, and secrets management.
- CVE Analysis -- Documenting and explaining MCP-related vulnerabilities, including CVE-2026-24763 (sandbox bypass) and CVE-2026-25253 (WebSocket hijacking).
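The Docker sandboxing item above names three controls (per-server network isolation, capability dropping, secrets management). The following audit script is an added example for this page, not code from OpenclawMCP or OpenClaw: it checks a parsed docker-compose document for those three controls plus two companion settings (read-only root filesystem, `no-new-privileges`), and runs it over a deliberately weak and a hardened configuration. Both compose documents, the service names, and the `SECRET_MARKERS` naming convention are constructed for the example.

```python
"""Audit docker-compose service definitions for MCP server containers.

Added example for this page, not code from OpenclawMCP or OpenClaw. The
rules encode per-server network isolation, capability dropping and secrets
management, plus read-only root and no-new-privileges as companion controls.
The two compose documents below are constructed, not real deployments.
"""
from typing import Any

SECRET_MARKERS = ("TOKEN", "SECRET", "KEY", "PASSWORD")  # assumed naming convention


def _attached_networks(svc: dict[str, Any]) -> list[str]:
    """Network names a service joins; compose accepts list or mapping form."""
    return list(svc.get("networks", []))


def audit_service(name: str, svc: dict[str, Any], users: dict[str, list[str]]) -> list[str]:
    """Return one finding per hardening rule the service violates."""
    findings: list[str] = []

    # Capability dropping: start from an empty set and justify every cap_add.
    if svc.get("privileged"):
        findings.append(f"{name}: privileged: true disables every other control")
    if "ALL" not in {c.upper() for c in svc.get("cap_drop", [])}:
        findings.append(f"{name}: cap_drop should include ALL")
    for cap in svc.get("cap_add", []):
        findings.append(f"{name}: cap_add {cap} widens the sandbox; justify it")

    # Per-server network isolation: no host networking, and a network of its
    # own so a compromised server cannot reach its neighbours.
    if svc.get("network_mode") == "host":
        findings.append(f"{name}: network_mode: host exposes the host's interfaces")
    elif not _attached_networks(svc):
        findings.append(f"{name}: no explicit network; joins the shared default bridge")
    for net in _attached_networks(svc):
        others = [s for s in users.get(net, []) if s != name]
        if others:
            findings.append(f"{name}: network {net} is shared with {', '.join(others)}")

    # Secrets management: credentials go through secrets:, never environment:.
    env = svc.get("environment", {})
    keys = list(env) if isinstance(env, dict) else [e.split("=", 1)[0] for e in env]
    for key in keys:
        if any(m in key.upper() for m in SECRET_MARKERS):
            findings.append(f"{name}: {key} passed via environment; use secrets: instead")

    # Companion controls that limit escalation from inside the container.
    if not svc.get("read_only"):
        findings.append(f"{name}: root filesystem is writable; set read_only: true")
    if "no-new-privileges:true" not in svc.get("security_opt", []):
        findings.append(f"{name}: add security_opt no-new-privileges:true")
    return findings


def audit_compose(compose: dict[str, Any]) -> list[str]:
    """Audit every service in a parsed compose document (yaml.safe_load output)."""
    services = compose.get("services", {})
    users: dict[str, list[str]] = {}  # network -> services attached to it
    for name, svc in services.items():
        for net in _attached_networks(svc):
            users.setdefault(net, []).append(name)
    findings: list[str] = []
    for name, svc in services.items():
        findings.extend(audit_service(name, svc, users))
    return findings


# Constructed weak deployment: privileged, host network, token in environment,
# and two servers sharing one network.
WEAK_COMPOSE = {
    "services": {
        "filesystem-mcp": {"image": "example/filesystem-mcp", "privileged": True,
                           "network_mode": "host",
                           "environment": {"GITHUB_TOKEN": "ghp_constructed"}},
        "github-mcp": {"image": "example/github-mcp", "networks": ["mcp-shared"],
                       "environment": ["GITHUB_TOKEN=ghp_constructed"]},
        "search-mcp": {"image": "example/search-mcp", "networks": ["mcp-shared"]},
    },
    "networks": {"mcp-shared": {}},
}

# Constructed hardened deployment: one network per server, all caps dropped,
# read-only root, no-new-privileges, credentials delivered as compose secrets.
HARDENED_COMPOSE = {
    "services": {
        "filesystem-mcp": {"image": "example/filesystem-mcp:1.4.2", "read_only": True,
                           "cap_drop": ["ALL"], "security_opt": ["no-new-privileges:true"],
                           "networks": ["filesystem-mcp-net"], "secrets": ["fs_mcp_token"]},
        "github-mcp": {"image": "example/github-mcp:0.9.0", "read_only": True,
                       "cap_drop": ["ALL"], "security_opt": ["no-new-privileges:true"],
                       "networks": ["github-mcp-net"], "secrets": ["gh_mcp_token"]},
    },
    "networks": {"filesystem-mcp-net": {"internal": True}, "github-mcp-net": {}},
    "secrets": {"fs_mcp_token": {"file": "./secrets/fs_mcp_token"},
                "gh_mcp_token": {"file": "./secrets/gh_mcp_token"}},
}

if __name__ == "__main__":
    for label, doc in (("weak", WEAK_COMPOSE), ("hardened", HARDENED_COMPOSE)):
        print(f"[{label}] {len(audit_compose(doc))} finding(s)")
        for f in audit_compose(doc):
            print("  -", f)
```

The shared-network rule is the one that needs a per-deployment judgement: a server that must talk to a sidecar legitimately shares a network, so treat that finding as a prompt to justify the link rather than an automatic failure. Everything else (privileged, host networking, credentials in `environment:`) should block deployment.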
Published Articles
- OpenClaw MCP Security: 5 Attacks and How to Block Them -- March 5, 2026
- MCP Tool Poisoning: What It Is and How to Stop It -- March 3, 2026
- How to Secure OpenClaw MCP Servers with Docker Sandboxing -- February 21, 2026
Connect
Find Manas on GitHub and X (Twitter).