MCP & Protocol Testing / Scenario

Boss Battle: Ship the MCP Server

One server, one release gate, four ways it can hurt someone. Sign off only if every surface is covered: contract, security, versioning, and lifecycle.

Difficulty
Boss
Format
Scenario
Points
300
Estimate
20 min

// MISSION BRIEF

Your Mission

You are the release gatekeeper for payments-mcp, a server three internal agents depend on. The team wants to ship today. You have the tool schema, a security finding, a version diff, and the CI config.

This is the boss: no single 'gotcha'. Judge the whole release the way a senior QA lead would, weigh each surface and make the call. Decisions are weighted; the security and contract calls carry the most points.

// FIRST CONTACT

Battle teaser

First artifact

payments-mcp: refund_payment tool

The security finding is the headline risk. What is it, and what is the fix?

  1. AA JSON-RPC parse error; fix the parser
  2. BIndirect prompt injection via a tool result (customer notes); fix by treating tool output as untrusted data and requiring explicit user confirmation for refund_payment (a destructive action)
  3. CA version mismatch; bump protocolVersion
  4. DNothing exploitable; the notes are just data
Answers, scoring, hints, and the full battle stay sealed.

// SKILL TAGS

mcpsecuritycontract-testingversioningci-cdboss