First Seen
Feb 18, 2026
Last Scanned
Feb 22, 2026
Findings
4
Score
76/100
Findings (4)
Detects dangerous URI schemes or path traversal in resource fields
URI: data:Implement strict input validation on the MCP tool's parameters. Block tool calls that attempt to modify the agent's system prompt, configuration, or tool definitions.
Likely FP if the match is a tool that legitimately updates configuration (e.g., a settings manager) and mentions prompt editing only for user-facing customization.
Detects dangerous URI schemes or path traversal in resource fields
URI: 'data:Implement strict input validation on the MCP tool's parameters. Block tool calls that attempt to modify the agent's system prompt, configuration, or tool definitions.
Likely FP if the match is a tool that legitimately updates configuration (e.g., a settings manager) and mentions prompt editing only for user-facing customization.
Detects dangerous URI schemes or path traversal in resource fields
uri': 'data:Implement strict input validation on the MCP tool's parameters. Block tool calls that attempt to modify the agent's system prompt, configuration, or tool definitions.
Likely FP if the match is a tool that legitimately updates configuration (e.g., a settings manager) and mentions prompt editing only for user-facing customization.
Detects pip install of arbitrary packages that modify the host environment
pip install erPin all pip packages to exact versions (e.g., pip install package==1.2.3). Use a requirements.txt or pyproject.toml with pinned versions and hash verification.
Likely FP if the match is in documentation showing how to install the skill's own PyPI package.