ai-sdk-core

Remove encoded or obfuscated directives (base64, ROT13, unicode escapes, hex-encoded text). All text should be in plaintext and human-readable.

Likely FP if the encoded content is legitimate data (e.g., a base64-encoded image, a hex-encoded binary hash) rather than concealed directives.

Validate and sanitize all data received from external APIs before using it in tool operations or agent prompts. Implement schema validation and treat API responses as untrusted input.

Likely FP if the match is a truncated table cell or documentation fragment that mentions API responses in a descriptive context, not actual unvalidated data processing.

Remove the -y/--yes auto-confirm flag from MCP server launch arguments. This flag bypasses user confirmation prompts and allows unattended execution of potentially dangerous operations.

Likely FP if the matched text is an isolated flag (-y or --yes) in documentation describing command-line options, not in an actual MCP config.

Replace npm install -g with a local install (npm install --save-dev) or use npx with a pinned version. Global installs modify the system and risk supply chain attacks.

Likely FP if the global install is for a well-known CLI tool (e.g., typescript, eslint) in setup documentation, though the supply chain risk remains real.

Replace npx -y with an explicit npm install step that pins the package to a specific version, then run it. Remove the -y flag to require user confirmation.

Likely FP if the npx command runs a well-known, trusted tool (e.g., create-react-app) in documentation context with no version pinning concern.