First Seen
Feb 18, 2026
Last Scanned
Feb 20, 2026
Findings
8
Score
69/100
Findings (8)
Detects downloading a binary file followed by making it executable
curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download + ./aPin the download to a specific version tag or commit hash. Verify the downloaded file's checksum before using it. Avoid piping curl output directly to a shell.
Likely FP if downloading from an official, well-known domain (e.g., deno.land, rustup.rs) with HTTPS, though this pattern remains risky even with trusted sources.
Detects patterns where credential or secret reads are combined with external data transmission
access to source code, secret + Upload only build outputPrevent credentials and sensitive data obtained by one MCP tool from being passed to other tools. Implement data isolation between tools and restrict cross-tool data flow for secrets.
Likely FP if the cross-tool data flow is intentional API authentication (e.g., a tool fetches an auth token that another tool uses for the same service).
Detects skills fetching external URLs to use as runtime instructions
curl https://raw.githubusercontent.com + configurationPin the downloaded resource to a specific version or commit hash, and verify its integrity with a checksum (SHA-256). Avoid fetching scripts or binaries from arbitrary URLs at runtime.
Likely FP if the download URL points to a well-known CDN or package registry (e.g., npmjs.com, pypi.org) and is pinned to a specific version.
Detects references to raw.githubusercontent.com on mutable branches like main/master
raw.githubusercontent.com/rhysd/actionlint/main/Replace GitHub raw.githubusercontent.com references with pinned commit SHAs instead of branch names (e.g., /commit-sha/file instead of /main/file). Branch references are mutable.
Likely FP if the raw GitHub URL points to a versioned release tag in a well-known repository, though even tags are technically mutable.
Detects GitHub Actions references using mutable branch names instead of pinned commit SHAs or tags
uses: sonarsource/sonarqube-scan-action@masterVerify that build scripts and Makefiles do not download or run code from untrusted sources. Audit all build steps and pin any external tools used during the build process.
Likely FP if the build script only runs standard toolchain commands (e.g., cargo build, go build) without downloading external resources.
Detects GitHub Actions references using mutable branch names instead of pinned commit SHAs or tags
uses: aquasecurity/trivy-action@masterVerify that build scripts and Makefiles do not download or run code from untrusted sources. Audit all build steps and pin any external tools used during the build process.
Likely FP if the build script only runs standard toolchain commands (e.g., cargo build, go build) without downloading external resources.
Detects GitHub Actions references using mutable branch names instead of pinned commit SHAs or tags
uses: sonarsource/sonarqube-scan-action@masterVerify that build scripts and Makefiles do not download or run code from untrusted sources. Audit all build steps and pin any external tools used during the build process.
Likely FP if the build script only runs standard toolchain commands (e.g., cargo build, go build) without downloading external resources.
Detects GitHub Actions references using mutable branch names instead of pinned commit SHAs or tags
uses: some-org/action@mainVerify that build scripts and Makefiles do not download or run code from untrusted sources. Audit all build steps and pin any external tools used during the build process.
Likely FP if the build script only runs standard toolchain commands (e.g., cargo build, go build) without downloading external resources.