Railpath: AI Agent File Security

Railpath is a Python security library that provides granular control over file system access for AI systems, specifically targeting agents built with Large Language Models (LLMs) and Model Context Protocol (MCP) servers. Our solution addresses a critical vulnerability in LLMs where they can be manipulated into accessing unauthorized files, potentially resulting in data exfiltration.

This vulnerability was recently documented in Invariant Labs’ comprehensive report on MCP “tool poisoning” attacks, where researchers demonstrated how seemingly benign prompts could be crafted to bypass intended access controls.

The demonstration will show the security vulnerability in unsecured agents by showcasing how they can be tricked into accessing unauthorized files. We will then contrast this with agents and MCP servers protected by Railpath, illustrating how the solution effectively prevents unauthorized file access through its security controls.