First Seen
Feb 18, 2026
Last Scanned
Feb 20, 2026
Findings
3
Score
100/100
Findings (3)
Detects -y, --yes, or --auto-approve flags in MCP/skill install commands that bypass user confirmation
Install dependencies
apt-get install -yRemove the -y/--yes auto-confirm flag from MCP server launch arguments. This flag bypasses user confirmation prompts and allows unattended execution of potentially dangerous operations.
Likely FP if the matched text is an isolated flag (-y or --yes) in documentation describing command-line options, not in an actual MCP config.
Detects downloading binary, archive, or installer files from remote URLs
wget https://s3.amazonaws.com/amazoncloudwatch-agent/ubuntu/amd64/latest/amazon-cloudwatch-agent.debVerify the integrity of downloaded binaries or archives using SHA-256 checksums or GPG signatures. Pin download URLs to specific versions and avoid fetching from unverified sources.
Likely FP if the download is from github.com or githubusercontent.com for a specific tagged release with documented checksums.
Detects URLs fetched at runtime that control or influence agent behavior without pinning
get https:// + settingsAvoid loading configuration or behavior-controlling content from runtime URLs. Bundle required configurations locally or pin remote config to versioned, integrity-verified endpoints.
Likely FP if the URL in the match is a documentation link or example URL (e.g., example.com) rather than an actual runtime-fetched configuration endpoint.