First Seen
Feb 18, 2026
Last Scanned
Feb 20, 2026
Findings
4
Score
70/100
Findings (4)
Detects execution of MCP servers from arbitrary paths, URLs, or user-controlled commands
call --stdio 'uBlock MCP tools from shadowing or overriding built-in tools. Implement tool name uniqueness validation and prevent tools from registering names that conflict with system tools.
Likely FP if the tool has a name similar to a built-in tool by coincidence (e.g., a search tool) without malicious intent to override system behavior.
Detects execution of MCP servers from arbitrary paths, URLs, or user-controlled commands
call --stdio 'uBlock MCP tools from shadowing or overriding built-in tools. Implement tool name uniqueness validation and prevent tools from registering names that conflict with system tools.
Likely FP if the tool has a name similar to a built-in tool by coincidence (e.g., a search tool) without malicious intent to override system behavior.
Detects npx with -y flag that bypasses user confirmation for package installation
npx -y Replace npx -y with an explicit npm install step that pins the package to a specific version, then run it. Remove the -y flag to require user confirmation.
Likely FP if the npx command runs a well-known, trusted tool (e.g., create-react-app) in documentation context with no version pinning concern.
Detects npx with -y flag that bypasses user confirmation for package installation
npx -y Replace npx -y with an explicit npm install step that pins the package to a specific version, then run it. Remove the -y flag to require user confirmation.
Likely FP if the npx command runs a well-known, trusted tool (e.g., create-react-app) in documentation context with no version pinning concern.