Credential Leaks
Secrets like API keys or tokens leak through prompts, memory, logs, or tool responses.
Definition
Credential Leaks are an attack on the input layer of the Model Context Protocol (MCP). They occur when authentication credentials or other sensitive secrets are accidentally exposed by agents or MCP tools. This can happen through misconfigured prompts, tool responses that include secrets, or memory and logging systems that fail to redact sensitive fields. Once exposed, credentials can be reused to impersonate users or escalate access.
At the input layer, secrets can enter the agent context unintentionally and propagate into prompts or downstream logic.
How MCP Security Helps
Akto identifies credential exposure across prompts, tool outputs, and memory snapshots by scanning for known secret patterns such as tokens, passwords, and API keys. It redacts exposed credentials in real time, flags tools that return sensitive values, and runs security tests to validate that secrets are never included in agent-facing responses or logs.
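The pattern scanning and redaction described above can be illustrated with an added example; it is not Akto's code and not part of the original page. It walks a tool result, masks fields with sensitive names, and replaces well-known credential formats in free text before the result reaches the agent context or a log. The field-name list, the `scan_tool_result` name and the sample result are assumptions constructed for illustration.

```python
import re

# Assumed field names whose values are masked outright; extend per deployment.
SENSITIVE_KEYS = {"password", "secret", "token", "api_key", "apikey",
                  "authorization", "access_token", "client_secret"}

# Well-known credential formats that may appear inside free text.
SECRET_PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "github_token": re.compile(r"\bgh[pousr]_[A-Za-z0-9]{36,}\b"),
    "jwt": re.compile(r"\beyJ[\w-]+\.[\w-]+\.[\w-]+"),
    "bearer": re.compile(r"\bbearer\s+[A-Za-z0-9._~+/-]{16,}=*", re.IGNORECASE),
}

def redact(obj, findings, path="$"):
    """Return a redacted copy of a JSON-like value, recording what was found."""
    if isinstance(obj, dict):
        out = {}
        for key, value in obj.items():
            child = f"{path}.{key}"
            if str(key).lower() in SENSITIVE_KEYS and value not in (None, ""):
                out[key] = "[REDACTED:field]"  # mask by field name, any value type
                findings.append((child, "sensitive_field"))
            else:
                out[key] = redact(value, findings, child)
        return out
    if isinstance(obj, list):
        return [redact(v, findings, f"{path}[{i}]") for i, v in enumerate(obj)]
    if isinstance(obj, str):
        for name, pattern in SECRET_PATTERNS.items():
            obj, hits = pattern.subn(f"[REDACTED:{name}]", obj)
            if hits:
                findings.append((path, name))
    return obj

def scan_tool_result(result):
    """Redact a tool result and return (clean_copy, findings)."""
    findings = []
    return redact(result, findings), findings

# Constructed sample shaped like an MCP tool result; all values are fake.
SAMPLE_TOOL_RESULT = {
    "content": [{"type": "text", "text": "Deploy OK. Used key AKIAIOSFODNN7EXAMPLE "
                 "with header Authorization: Bearer abcdefghijklmnopqrstuvwxyz012345"}],
    "structuredContent": {"status": "ok", "db": {"host": "db.internal.example",
                                                 "password": "hunter2-constructed"}},
}

if __name__ == "__main__":
    clean, found = scan_tool_result(SAMPLE_TOOL_RESULT)
    print(clean, *found, sep="\n")
```

The findings list identifies which tool and which field returned a sensitive value, which is the signal needed to flag that tool for review rather than only masking its output.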