penpot-uiux-design

skills-sh:github_awesome-copilot__penpot-uiux-design

View source

68/100

First Seen

Feb 18, 2026

Last Scanned

Feb 20, 2026

Findings

Score

68/100

MEDIUM 4

Findings (4)

MEDIUM

MCP code execution tool CMDEXEC_010

command-execution L14

Detects MCP tools that execute arbitrary code

execute_code

FIX

Restrict code execution tools to specific languages and sandbox the runtime environment. Use a container or VM-based sandbox instead of running code directly on the host.

FP?

Likely FP if the MCP tool is a dedicated code runner (e.g., Jupyter kernel) with documented sandboxing and no network access.

MEDIUM

MCP code execution tool CMDEXEC_010

command-execution L107

Detects MCP tools that execute arbitrary code

execute_code

FIX

Restrict code execution tools to specific languages and sandbox the runtime environment. Use a container or VM-based sandbox instead of running code directly on the host.

FP?

Likely FP if the MCP tool is a dedicated code runner (e.g., Jupyter kernel) with documented sandboxing and no network access.

MEDIUM

MCP code execution tool CMDEXEC_010

command-execution L320

Detects MCP tools that execute arbitrary code

execute_code

FIX

Restrict code execution tools to specific languages and sandbox the runtime environment. Use a container or VM-based sandbox instead of running code directly on the host.

FP?

Likely FP if the MCP tool is a dedicated code runner (e.g., Jupyter kernel) with documented sandboxing and no network access.

MEDIUM

MCP code execution tool CMDEXEC_010

command-execution L331

Detects MCP tools that execute arbitrary code

execute_code

FIX

Restrict code execution tools to specific languages and sandbox the runtime environment. Use a container or VM-based sandbox instead of running code directly on the host.

FP?

Likely FP if the MCP tool is a dedicated code runner (e.g., Jupyter kernel) with documented sandboxing and no network access.