A
92/100 First Seen
Feb 18, 2026
Last Scanned
Feb 22, 2026
Findings
1
Score
92/100
MEDIUM 1
Findings (1)
MEDIUM
MCP code execution tool
L79 Detects MCP tools that execute arbitrary code
run_command FIX
Restrict code execution tools to specific languages and sandbox the runtime environment. Use a container or VM-based sandbox instead of running code directly on the host.
FP?
Likely FP if the MCP tool is a dedicated code runner (e.g., Jupyter kernel) with documented sandboxing and no network access.