Definition
Exfiltration is the unauthorized export of secrets or sensitive data from a trusted environment to an attacker-controlled destination.
How it appears in MCP
Secrets may appear in tools/call arguments (pasted by users or inferred by the model) or in tool responses that are returned to the model and then logged in client history.
Example pattern
Credential leakage via logs, third-party SaaS, and chat transcripts is a recurring theme in security postmortems; MCP adds another conduit when tools echo data or forward arguments to external URLs.
What MCP Trail does on the Guardian path
DLP-style scanning on tools/call arguments (and on responses where configured) can monitor, block, or redact sensitive patterns before data crosses a trust boundary; which action applies depends on product configuration and the enabled rule families. Compare upstream vs Guardian behavior with the free MCP Playground where applicable; production guarantees require Guardian in path.
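As an added illustration of the argument-scanning step described above (this is not MCP Trail's code, and the rule patterns, rule names and actions are constructed placeholders), the following Python walks the arguments of a JSON-RPC tools/call request, applies a few rule families with per-family actions, and returns the most severe decision together with a redacted copy of the request:

```python
import copy
import re

# Constructed rule families: (name, pattern, action). Illustrative only;
# a real deployment would load these from product configuration.
RULES = [
    ("aws_access_key", re.compile(r"\bAKIA[0-9A-Z]{16}\b"), "block"),
    ("bearer_token", re.compile(r"(?i)\bBearer\s+[A-Za-z0-9._~+/=-]{20,}"), "redact"),
    ("private_key", re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"), "block"),
    ("email", re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b"), "monitor"),
]

# Ordering of actions; the request-level decision is the worst finding.
SEVERITY = {"monitor": 0, "redact": 1, "block": 2}
DECISION = {-1: "allow", 0: "allow", 1: "redact", 2: "block"}


def _scan_value(value, findings, path):
    """Recursively walk JSON-like data, record matches, redact where configured."""
    if isinstance(value, dict):
        return {k: _scan_value(v, findings, f"{path}.{k}") for k, v in value.items()}
    if isinstance(value, list):
        return [_scan_value(v, findings, f"{path}[{i}]") for i, v in enumerate(value)]
    if isinstance(value, str):
        for name, pattern, action in RULES:
            if pattern.search(value):
                findings.append({"rule": name, "action": action, "path": path})
                if action != "monitor":  # monitor-only rules log but do not alter data
                    value = pattern.sub(f"[REDACTED:{name}]", value)
        return value
    return value  # numbers, booleans, None pass through untouched


def guard_tools_call(request):
    """Inspect a JSON-RPC request before it is forwarded to the MCP server.

    Returns (decision, sanitized_request, findings). The original request is
    not mutated so the caller can still log or audit what the client sent.
    """
    if request.get("method") != "tools/call":
        return "allow", request, []
    findings = []
    sanitized = copy.deepcopy(request)
    params = sanitized.setdefault("params", {})
    params["arguments"] = _scan_value(params.get("arguments", {}), findings, "arguments")
    worst = max((SEVERITY[f["action"]] for f in findings), default=-1)
    return DECISION[worst], sanitized, findings
```

A caller that receives "block" drops the request and keeps only the findings; on "redact" it forwards the sanitized copy.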
What still needs process
Secret rotation, vault usage, minimizing the data placed in prompts, and vendor review remain process controls that in-path scanning does not replace.