AI coding agents connected via the Model Context Protocol (MCP) are rapidly becoming standard in professional software development, yet they introduce a critical and under-explored attack surface. Empirical benchmarks report attack success rates exceeding 85% against unprotected MCP-connected agents, with existing defenses achieving less than 30% average effectiveness [14]. This paper proposes and implements MASF-CC (Multi-layer Agentic Security Framework for Claude Code), a Python-based security gateway enforcing four complementary defense layers—Validation (L1), Authorization (L2), Integrity (L3), and Audit (L4)—as a transparent proxy between Claude Code and its MCP servers. Evaluated in a controlled proof-of-concept setting against a self-constructed corpus of 100 structured attack scenarios and 50 legitimate developer tasks, MASF-CC achieves a Defense Success Rate (DSR) of 100% within the evaluated corpus across all four threat categories, with a mean gateway latency overhead of 0.06 ms under mock-server conditions. Task Completion Rate reached 96% after capability token reconfiguration. All results are explicitly scoped to the self-constructed evaluation corpus; independent benchmark replication remains the highest-priority future work.
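To make the four-layer gateway design concrete, the following is an added illustrative sketch (not MASF-CC's own code) of a proxy that runs an MCP `tools/call` request through Validation (L1), capability-token Authorization (L2), HMAC Integrity (L3) and Audit (L4) before forwarding. The allow-list, the capability-token table, the HMAC key and the sample request are all constructed for the example.

```python
import hashlib, hmac, json, time

SECRET = b"constructed-demo-key"          # constructed; a real gateway loads this from a secret store
ALLOWED_TOOLS = {"read_file", "list_dir"}  # constructed L1 allow-list of tool names
CAPABILITIES = {"tok-dev-1": {"read_file"}}  # constructed L2 table: capability token -> permitted tools

class Gateway:
    def __init__(self):
        self.audit = []  # L4: every decision, allowed or denied, is recorded here

    def l1_validate(self, msg):
        # L1: structural validation of the JSON-RPC tool call before any other layer runs
        if msg.get("jsonrpc") != "2.0" or msg.get("method") != "tools/call":
            return "L1: unsupported message"
        params = msg.get("params", {})
        if params.get("name") not in ALLOWED_TOOLS:
            return "L1: tool not on allow-list"
        if not isinstance(params.get("arguments"), dict):
            return "L1: malformed arguments"
        return None

    def l2_authorize(self, msg, token):
        # L2: the presented capability token must explicitly grant the requested tool
        if msg["params"]["name"] not in CAPABILITIES.get(token, set()):
            return "L2: capability token does not grant this tool"
        return None

    def l3_integrity(self, msg, tag):
        # L3: the request must carry a valid HMAC over its canonical serialisation
        body = json.dumps(msg, sort_keys=True).encode()
        expected = hmac.new(SECRET, body, hashlib.sha256).hexdigest()
        return None if hmac.compare_digest(expected, tag) else "L3: integrity tag mismatch"

    def handle(self, msg, token, tag):
        # Layers run in order; the first failure short-circuits and is audited
        checks = (lambda: self.l1_validate(msg),
                  lambda: self.l2_authorize(msg, token),
                  lambda: self.l3_integrity(msg, tag))
        for check in checks:
            err = check()
            if err:
                self.audit.append({"ts": time.time(), "token": token, "verdict": err})
                return {"allowed": False, "reason": err}
        self.audit.append({"ts": time.time(), "token": token, "verdict": "allowed"})
        return {"allowed": True, "reason": "forwarded to MCP server"}

def sign(msg):
    # Helper the trusted client side would use to produce the L3 tag
    return hmac.new(SECRET, json.dumps(msg, sort_keys=True).encode(), hashlib.sha256).hexdigest()
```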
Author: Ayush Basnet.