bind-protocol-mcp

clawhub:bind-protocol-mcp

View source

40/100

First Seen

Feb 18, 2026

Last Scanned

Feb 22, 2026

Findings

Score

40/100

HIGH 4

LOW 1

Findings (5)

HIGH

Read sensitive files and transmit externally EXFIL_013

exfiltration L45

Detects skills that both read sensitive credential files and send data to external services

access (e.g., credential + send requests to `api

FIX

Block access to git credentials, SSH keys, and repository tokens. If git operations are needed, use scoped deploy keys and restrict the tool to specific repositories.

FP?

Likely FP if the match is documentation about git configuration (e.g., setting up git credentials helper) rather than code that reads and transmits them.

HIGH

Shell metacharacters in MCP config args MCPCFG_002

mcp-config L317

Detects shell metacharacters (pipes, backticks, subshells) in MCP server command arguments

"args": [<expr>, ...] }` | Arithmetic |

FIX

Remove credentials (API keys, tokens, passwords) from MCP server configuration. Use environment variable references (e.g., ${API_KEY}) or a secrets manager instead of inline values.

FP?

Likely FP if the credential value is a placeholder (e.g., your-api-key-here, sk_test_xxx) in example configuration.

HIGH

Shell metacharacters in MCP config args MCPCFG_002

mcp-config L318

Detects shell metacharacters (pipes, backticks, subshells) in MCP server command arguments

"args": [<expr>, ...] }` | Logical AND |

FIX

Remove credentials (API keys, tokens, passwords) from MCP server configuration. Use environment variable references (e.g., ${API_KEY}) or a secrets manager instead of inline values.

FP?

Likely FP if the credential value is a placeholder (e.g., your-api-key-here, sk_test_xxx) in example configuration.

HIGH

Shell metacharacters in MCP config args MCPCFG_002

mcp-config L319

Detects shell metacharacters (pipes, backticks, subshells) in MCP server command arguments

"args": [<expr>, ...] }` | Logical OR |

FIX

Remove credentials (API keys, tokens, passwords) from MCP server configuration. Use environment variable references (e.g., ${API_KEY}) or a secrets manager instead of inline values.

FP?

Likely FP if the credential value is a placeholder (e.g., your-api-key-here, sk_test_xxx) in example configuration.

LOW

npx MCP server without version pin MCPCFG_001

mcp-config L65

Detects MCP server configs using npx to run packages without version pinning

"command": "npx"

FIX

Pin the npx package in the MCP config to an exact version (e.g., @scope/server@1.2.3). Unpinned npx commands can silently fetch a compromised package version.

FP?

Likely FP if the MCP config is a local development setup example, though unpinned npx in production configs is a real supply chain risk.