Defense-in-depth comparison table evaluating protections against MCP attack techniques across four attack categories: Phase 1 Description Poisoning, Phase 2 Rug Pull, Phase 3 Output Poisoning, and Cross-Server Contamination. The table compares mcp-scan hash pinning, auto-approval disabling, human-in-the-loop approval prompts, per-server context isolation, runtime agent authorization, and centralized tool lifecycle governance. Per-server context isolation provides the strongest protection, effectively mitigating description poisoning, output poisoning, and cross-server contamination. Hash pinning is highly effective against unauthorized schema changes but limited against dynamic responses. Human approval controls and runtime authorization offer partial protection, while centralized governance improves change detection, auditing, and visibility across MCP server environments."