First Seen: Feb 18, 2026
Last Scanned: Feb 20, 2026
Findings: 2
Score: 77/100
Findings (2)
Code block labeled "markdown" contains executable content
## Security Review Checklist
### Authentication & Authorization
- [ ] Is authentication required where needed?
- [ ] Are authorization checks before every action?
- [ ] Is JWT validation proper (sig...
Align the tool description with what the code actually does. If the description says one thing but the code does another, update the description to be accurate or fix the code.
Likely FP if the NLP analyzer misinterpreted technical jargon or the description accurately describes behavior through domain-specific terminology.
Detects excessive or dangerous capability requests in MCP configurations
permissions = [] # Shared across all
Restrict the tool to well-defined scopes and prevent it from requesting all permissions. Implement least-privilege access controls and audit permission grants.
Likely FP if the match is a tool description documenting available permission scopes, not a tool that actually requests overly broad access.