Funding: supported in part by the National Natural Science Foundation of China under Grant No. 62325207.
Abstract: With the widespread deployment of large language models (LLMs) in complex and multimodal scenarios, there is a growing demand for secure and standardized integration of external tools and data sources. The Model Context Protocol (MCP), proposed by Anthropic in late 2024, has emerged as a promising framework. Designed to standardize the interaction between LLMs and their external environments, it serves as a "USB-C interface for AI". While MCP has been rapidly adopted in the industry, systematic academic studies on its security implications remain scarce. This paper presents a comprehensive review of MCP from a security perspective. We begin by analyzing the architecture and workflow of MCP and identify potential security vulnerabilities across key stages, including input processing, decision-making, client invocation, server response, and response generation. We then categorize and assess existing defense mechanisms. In addition, we design a real-world attack experiment to demonstrate the feasibility of tool description injection within an actual MCP environment. Based on the experimental results, we further highlight underexplored threat surfaces and propose future directions for securing AI agent systems powered by MCP. This paper aims to provide a structured reference framework for researchers and developers seeking to balance functionality and security in MCP-based systems.
Funding: supported by the Science Center of the National Natural Science Foundation of China (Grant No. 12188101), the National Key R&D Program of China (Grant Nos. 2023YFA1607400 and 2022YFA1403800), the National Natural Science Foundation of China (Grant Nos. 12274436, 11925408, and 11921004), and the New Cornerstone Science Foundation through the XPLORER PRIZE; performed on the robotic AI-Scientist platform of the Chinese Academy of Science.
Abstract: Density-functional-theory (DFT) simulations with the Vienna Ab initio Simulation Package (VASP) are indispensable in computational materials science but often require extensive manual setup, monitoring, and postprocessing. Here, we introduce VASPilot, an open-source platform that fully automates VASP workflows via a multi-agent architecture built on the CrewAI framework and a standardized model context protocol (MCP). VASPilot's agent suite handles every stage of a VASP study, from retrieving crystal structures and generating input files to submitting Slurm jobs, parsing error messages, and dynamically adjusting parameters for seamless restarts. A lightweight Quart-based web interface provides intuitive task submission, real-time progress tracking, and drill-down access to execution logs, structure visualizations, and plots. We validated VASPilot on both routine and advanced benchmarks: automated band-structure and density-of-states calculations (including on-the-fly symmetry corrections), plane-wave cutoff convergence tests, lattice-constant optimizations with various van der Waals corrections, and cross-material band-gap comparisons for transition-metal dichalcogenides. In all cases, VASPilot completed the missions reliably and without manual intervention. Moreover, its modular design allows easy extension to other DFT codes simply by deploying the appropriate MCP server. By offloading technical overhead, VASPilot enables researchers to focus on scientific discovery and accelerates high-throughput computational materials research.