Guard
Dashboard
Redacted warning

Claude Code was stopped before calling an untrusted MCP tool

A redacted example of an MCP tool with a misleading description.

Stop this locallyProtect a team
Redacted for safety: no raw prompt, local path, secret, or private workspace detail is shown.

What tried to happen: Claude Code attempted to call an MCP tool whose description contained hidden instructions.

Why risky: The tool description asked the agent to read credentials and pass them as arguments.

What Guard did: HOL Guard paused the tool call and flagged the description for review.

Safe next step

Review MCP tool descriptions before trusting them. Remove tools you no longer use.

MCP securityclaude-code guideMCP tool poisoning demoInstall HOL GuardProtect your team