First Seen
Feb 18, 2026
Last Scanned
Feb 22, 2026
Findings
3
Score
100/100
Findings (3)
Detects MCP server configurations connecting to non-localhost remote URLs
"url": "https://boktoshi.com/mtc/skill.md"Change the MCP server URL to localhost or a trusted internal endpoint. If a remote server is required, verify the domain ownership and use HTTPS with certificate validation.
Likely FP if the URL points to example.com, a documentation domain, or a well-known SaaS API endpoint (e.g., api.openai.com).
Detects skills where user-provided URLs are consumed and processed by the agent
read the skill doc at the provided URLValidate and sanitize user-provided URLs before fetching them. Implement URL allowlisting, block private/internal IP ranges, and treat fetched content as untrusted data.
Likely FP if the skill is a web browser or URL fetcher where consuming user-provided URLs is the documented core feature with appropriate sandboxing.
Detects URLs fetched at runtime that control or influence agent behavior without pinning
Read https:// + RulesAvoid loading configuration or behavior-controlling content from runtime URLs. Bundle required configurations locally or pin remote config to versioned, integrity-verified endpoints.
Likely FP if the URL in the match is a documentation link or example URL (e.g., example.com) rather than an actual runtime-fetched configuration endpoint.