First Seen: Feb 18, 2026
Last Scanned: Feb 20, 2026
Findings: 2
Score: 84/100
Findings (2)
Detects path traversal patterns targeting sensitive files, including URL-encoded variants
../../../etc/passwd
Pin Git dependencies to specific commit hashes instead of branch names or tags. Branches and tags are mutable and can be updated to point to malicious code.
Likely FP if the Git reference points to a tagged release of a well-known repository, though tags are technically mutable.
Detects dangerous URI schemes or path traversal in resource fields
path: "../../../etc/passwd"
Implement strict input validation on the MCP tool's parameters. Block tool calls that attempt to modify the agent's system prompt, configuration, or tool definitions.
Likely FP if the match is a tool that legitimately updates configuration (e.g., a settings manager) and mentions prompt editing only for user-facing customization.