A
100/100 First Seen
Feb 19, 2026
Last Scanned
Feb 22, 2026
Findings
1
Score
100/100
LOW 1
Findings (1)
LOW
Cross-tool data leakage
L155 Detects patterns where credential or secret reads are combined with external data transmission
cat .env + POST -H "Content FIX
Prevent credentials and sensitive data obtained by one MCP tool from being passed to other tools. Implement data isolation between tools and restrict cross-tool data flow for secrets.
FP?
Likely FP if the cross-tool data flow is intentional API authentication (e.g., a tool fetches an auth token that another tool uses for the same service).