lybic-sandbox

clawhub:lybic-sandbox

View source

100/100

First Seen

Feb 18, 2026

Last Scanned

Feb 22, 2026

Findings

Score

100/100

LOW 3

Findings (3)

LOW

pip install arbitrary package EXTDL_009

external-download L83

Detects pip install of arbitrary packages that modify the host environment

pip install ly

FIX

Pin all pip packages to exact versions (e.g., pip install package==1.2.3). Use a requirements.txt or pyproject.toml with pinned versions and hash verification.

FP?

Likely FP if the match is in documentation showing how to install the skill's own PyPI package.

LOW

MCP code execution tool CMDEXEC_010

command-execution L175

Detects MCP tools that execute arbitrary code

run_code

FIX

Restrict code execution tools to specific languages and sandbox the runtime environment. Use a container or VM-based sandbox instead of running code directly on the host.

FP?

Likely FP if the MCP tool is a dedicated code runner (e.g., Jupyter kernel) with documented sandboxing and no network access.

LOW

MCP code execution tool CMDEXEC_010

command-execution L196

Detects MCP tools that execute arbitrary code

run_code

FIX

Restrict code execution tools to specific languages and sandbox the runtime environment. Use a container or VM-based sandbox instead of running code directly on the host.

FP?

Likely FP if the MCP tool is a dedicated code runner (e.g., Jupyter kernel) with documented sandboxing and no network access.