FlowGuard: Evidence-Grounded Security Detection for MCP Interactions
Jul 17, 2026
FlowGuard is a new security detection system for the Model Context Protocol (MCP) that combines semantic analysis with runtime evidence to assess risks in LLM agent tool interactions. In evaluations on an executable benchmark of 1,880 MCP cases, FlowGuard achieved F1 scores of 0.879 and 0.942 for Command Injection and File System Access vulnerabilities, respectively. It also reduced end-to-end latency by up to 2.23x compared to existing dynamic scanners and reported 523 findings across 326 real-world servers.
Why it matters: FlowGuard addresses a critical gap in MCP security by reliably detecting both execution-based and semantic risks in LLM agent tool interactions, improving upon the limitations of current scanners.
Full story at: arXiv Cryptography and Security ↗