◀︎ // Home
Section 08 // Methodology, Glossary & Sources
How We Know This Is Real
The findings draw from STAR Labs' adversarial-engagement corpus and continuous MCP catalog: 1,700+ distinct exploits documented against production AI agents across five form factors (productivity, coding, browser, desktop, CLI) and ten attack categories, plus 17,651+ MCP servers under continuous static, behavioral, and metadata analysis.
// 01
Real adversarial payloads
STAR Labs builds the attack infrastructure real attackers would: malicious websites, weaponized documents, poisoned READMEs, adversarial MCP servers. Findings reproduce attacker capability, not approximate it.
// 02
Severity-rated findings
Each exploit is rated critical, high, or medium using a CVSS-aligned rubric (impact, exploitability, and reproducibility). Headline numbers reflect successful-attack rates against deployed agents under realistic conditions.
// 03
Coverage breadth
STAR Labs prioritizes finding novel patterns across many agents over deep examination of one. The patterns here recur across vendors and form factors.
Stay Current
STAR Labs publishes new agentic threat research continuously. Subscribe to the Straiker newsletter on the blog, and bookmark straiker.ai/research for the latest findings.

Sources
Get the Full Report
Read everything here, free. Enter your email and we'll send the full PDF, including the complete defender playbook.






