First Seen
Feb 18, 2026
Last Scanned
Feb 22, 2026
Findings
3
Score
70/100
Findings (3)
Detects execution of MCP servers from arbitrary paths, URLs, or user-controlled commands
call https://api.example.com/mcp.Block MCP tools from shadowing or overriding built-in tools. Implement tool name uniqueness validation and prevent tools from registering names that conflict with system tools.
Likely FP if the tool has a name similar to a built-in tool by coincidence (e.g., a search tool) without malicious intent to override system behavior.
Detects execution of MCP servers from arbitrary paths, URLs, or user-controlled commands
--stdio "bun run Block MCP tools from shadowing or overriding built-in tools. Implement tool name uniqueness validation and prevent tools from registering names that conflict with system tools.
Likely FP if the tool has a name similar to a built-in tool by coincidence (e.g., a search tool) without malicious intent to override system behavior.
Detects URLs fetched at runtime that control or influence agent behavior without pinning
fetch url:https:// + configAvoid loading configuration or behavior-controlling content from runtime URLs. Bundle required configurations locally or pin remote config to versioned, integrity-verified endpoints.
Likely FP if the URL in the match is a documentation link or example URL (e.g., example.com) rather than an actual runtime-fetched configuration endpoint.