First Seen
Feb 18, 2026
Last Scanned
Feb 22, 2026
Findings
21
Score
0/100
Findings (21)
Detects shell metacharacters (pipes, backticks, subshells) in MCP server command arguments
"command": "search", "query": "neural radiance fields", "source": "arxiv", "limit": 10, "output": "results.json"} |Remove credentials (API keys, tokens, passwords) from MCP server configuration. Use environment variable references (e.g., ${API_KEY}) or a secrets manager instead of inline values.
Likely FP if the credential value is a placeholder (e.g., your-api-key-here, sk_test_xxx) in example configuration.
Detects shell metacharacters (pipes, backticks, subshells) in MCP server command arguments
"command": "search", "query": "transformer architecture", "source": "scholar", "limit": 15} |Remove credentials (API keys, tokens, passwords) from MCP server configuration. Use environment variable references (e.g., ${API_KEY}) or a secrets manager instead of inline values.
Likely FP if the credential value is a placeholder (e.g., your-api-key-here, sk_test_xxx) in example configuration.
Detects shell metacharacters (pipes, backticks, subshells) in MCP server command arguments
"command": "download", "from-file": "results.json", "ids": [1, 3, 5], "dir": "./downloads"} |Remove credentials (API keys, tokens, passwords) from MCP server configuration. Use environment variable references (e.g., ${API_KEY}) or a secrets manager instead of inline values.
Likely FP if the credential value is a placeholder (e.g., your-api-key-here, sk_test_xxx) in example configuration.
Detects shell metacharacters (pipes, backticks, subshells) in MCP server command arguments
"command": "download", "from-file": "results.json", "dir": "./downloads"} |Remove credentials (API keys, tokens, passwords) from MCP server configuration. Use environment variable references (e.g., ${API_KEY}) or a secrets manager instead of inline values.
Likely FP if the credential value is a placeholder (e.g., your-api-key-here, sk_test_xxx) in example configuration.
Detects shell metacharacters (pipes, backticks, subshells) in MCP server command arguments
"command": "analyze", "pdf": "paper.pdf", "output": "analysis.json"} |Remove credentials (API keys, tokens, passwords) from MCP server configuration. Use environment variable references (e.g., ${API_KEY}) or a secrets manager instead of inline values.
Likely FP if the credential value is a placeholder (e.g., your-api-key-here, sk_test_xxx) in example configuration.
Detects shell metacharacters (pipes, backticks, subshells) in MCP server command arguments
"command": "analyze", "directory": "./papers/"} |Remove credentials (API keys, tokens, passwords) from MCP server configuration. Use environment variable references (e.g., ${API_KEY}) or a secrets manager instead of inline values.
Likely FP if the credential value is a placeholder (e.g., your-api-key-here, sk_test_xxx) in example configuration.
Detects shell metacharacters (pipes, backticks, subshells) in MCP server command arguments
"command": "save", "from-file": "analysis.json", "ids": [1, 2, 3], "collection": "AI Research"} |Remove credentials (API keys, tokens, passwords) from MCP server configuration. Use environment variable references (e.g., ${API_KEY}) or a secrets manager instead of inline values.
Likely FP if the credential value is a placeholder (e.g., your-api-key-here, sk_test_xxx) in example configuration.
Detects shell metacharacters (pipes, backticks, subshells) in MCP server command arguments
"command": "save", "from-file": "analysis.json", "collection": "My Collection"} |Remove credentials (API keys, tokens, passwords) from MCP server configuration. Use environment variable references (e.g., ${API_KEY}) or a secrets manager instead of inline values.
Likely FP if the credential value is a placeholder (e.g., your-api-key-here, sk_test_xxx) in example configuration.
Detects shell metacharacters (pipes, backticks, subshells) in MCP server command arguments
"command": "search", "query": "graph neural networks", "source": "arxiv", "limit": 10} |Remove credentials (API keys, tokens, passwords) from MCP server configuration. Use environment variable references (e.g., ${API_KEY}) or a secrets manager instead of inline values.
Likely FP if the credential value is a placeholder (e.g., your-api-key-here, sk_test_xxx) in example configuration.
Detects shell metacharacters (pipes, backticks, subshells) in MCP server command arguments
"command": "download", "from-file": "search_results.json"} |Remove credentials (API keys, tokens, passwords) from MCP server configuration. Use environment variable references (e.g., ${API_KEY}) or a secrets manager instead of inline values.
Likely FP if the credential value is a placeholder (e.g., your-api-key-here, sk_test_xxx) in example configuration.
Detects shell metacharacters (pipes, backticks, subshells) in MCP server command arguments
"command": "analyze", "directory": "./papers/"} |Remove credentials (API keys, tokens, passwords) from MCP server configuration. Use environment variable references (e.g., ${API_KEY}) or a secrets manager instead of inline values.
Likely FP if the credential value is a placeholder (e.g., your-api-key-here, sk_test_xxx) in example configuration.
Detects shell metacharacters (pipes, backticks, subshells) in MCP server command arguments
"command": "save", "from-file": "./analysis/", "collection": "GNN Papers"} |Remove credentials (API keys, tokens, passwords) from MCP server configuration. Use environment variable references (e.g., ${API_KEY}) or a secrets manager instead of inline values.
Likely FP if the credential value is a placeholder (e.g., your-api-key-here, sk_test_xxx) in example configuration.
Detects shell metacharacters (pipes, backticks, subshells) in MCP server command arguments
"command": "search", "query": "reinforcement learning", "source": "scholar", "limit": 15} |Remove credentials (API keys, tokens, passwords) from MCP server configuration. Use environment variable references (e.g., ${API_KEY}) or a secrets manager instead of inline values.
Likely FP if the credential value is a placeholder (e.g., your-api-key-here, sk_test_xxx) in example configuration.
Detects shell metacharacters (pipes, backticks, subshells) in MCP server command arguments
"command": "download", "from-file": "search_results.json", "ids": [2, 4, 6]} |Remove credentials (API keys, tokens, passwords) from MCP server configuration. Use environment variable references (e.g., ${API_KEY}) or a secrets manager instead of inline values.
Likely FP if the credential value is a placeholder (e.g., your-api-key-here, sk_test_xxx) in example configuration.
Detects shell metacharacters (pipes, backticks, subshells) in MCP server command arguments
"command": "analyze", "pdf": "important_paper.pdf"} |Remove credentials (API keys, tokens, passwords) from MCP server configuration. Use environment variable references (e.g., ${API_KEY}) or a secrets manager instead of inline values.
Likely FP if the credential value is a placeholder (e.g., your-api-key-here, sk_test_xxx) in example configuration.
Detects shell metacharacters (pipes, backticks, subshells) in MCP server command arguments
"command": "save", "from-file": "search_results.json", "ids": [1], "collection": "To Read"} |Remove credentials (API keys, tokens, passwords) from MCP server configuration. Use environment variable references (e.g., ${API_KEY}) or a secrets manager instead of inline values.
Likely FP if the credential value is a placeholder (e.g., your-api-key-here, sk_test_xxx) in example configuration.
Detects pip install of arbitrary packages that modify the host environment
pip install scPin all pip packages to exact versions (e.g., pip install package==1.2.3). Use a requirements.txt or pyproject.toml with pinned versions and hash verification.
Likely FP if the match is in documentation showing how to install the skill's own PyPI package.
Detects MCP server configurations connecting to non-localhost remote URLs
"url": "https://arxiv.org/abs/xxxx.xxxxx"Change the MCP server URL to localhost or a trusted internal endpoint. If a remote server is required, verify the domain ownership and use HTTPS with certificate validation.
Likely FP if the URL points to example.com, a documentation domain, or a well-known SaaS API endpoint (e.g., api.openai.com).
Detects MCP server configurations connecting to non-localhost remote URLs
"url": "https://arxiv.org/pdf/xxxx.xxxxx.pdf"Change the MCP server URL to localhost or a trusted internal endpoint. If a remote server is required, verify the domain ownership and use HTTPS with certificate validation.
Likely FP if the URL points to example.com, a documentation domain, or a well-known SaaS API endpoint (e.g., api.openai.com).
Detects pip install of arbitrary packages that modify the host environment
pip install pyPin all pip packages to exact versions (e.g., pip install package==1.2.3). Use a requirements.txt or pyproject.toml with pinned versions and hash verification.
Likely FP if the match is in documentation showing how to install the skill's own PyPI package.
Detects MCP server configurations connecting to non-localhost remote URLs
"url": "https://www.zotero.org/items/ABCD1234"Change the MCP server URL to localhost or a trusted internal endpoint. If a remote server is required, verify the domain ownership and use HTTPS with certificate validation.
Likely FP if the URL points to example.com, a documentation domain, or a well-known SaaS API endpoint (e.g., api.openai.com).