When this matters
- An MCP server returns resource text that includes instruction-like content.
- A memory tool stores summaries from web pages, tickets, documents, or chats.
- A platform team needs a rule for what MCP output may become durable context.
MCP memory poisoning
MCP memory poisoning risk appears when tool-connected agents store untrusted resource text, server outputs, or third-party data as future instructions. The review should separate tool evidence from user-approved memory and attach provenance to anything that survives.
Memory Hygiene Audit gives MCP operators a practical gate for memory writes, poisoning signals, and agent-consumable policy output.
Teams can preview the score, then use the Team Hygiene annual checkout to generate the full cleanup diff, reviewer notes, and agent-readable JSON policy.
Full report unlock
The full audit unlocks source-aware poisoning findings, cleanup diffs, retention policy receipts, and agent-ready JSON export. Polar creates the hosted invoice; this page stays open behind it.