| critical | — | SQL string concatenation detected | D SQL Injection | — | — |
Description: SQL string concatenation detected
Code Snippet: const activeContent = content.querySelector(`#auth-tab-${tabId}`);
Remediation: Use parameterized queries with placeholders
Confidence: high
Rule ID: MCP-D002

| critical | — | Dynamic import without validation detected | L Lifecycle | — | — |
Description: Dynamic import without validation detected
Code Snippet: quickstart = importlib.import_module(module_path)
Remediation: Validate module names against an allowlist before dynamic imports; use static imports when possible
Confidence: high
Rule ID: MCP-L001

| critical | — | SQL string concatenation detected | D SQL Injection | — | — |
Description: SQL string concatenation detected
Code Snippet: const session = await runner.sessionService.createSession({ appName, userId });
Remediation: Use parameterized queries with placeholders
Confidence: high
Rule ID: MCP-D002

| critical | — | Dynamic import without validation detected | L Lifecycle | — | — |
Description: Dynamic import without validation detected
Code Snippet: const { main: runAgent } = await import(agentPath);
Remediation: Validate module names against an allowlist before dynamic imports; use static imports when possible
Confidence: high
Rule ID: MCP-L001

| critical | — | Dynamic import without validation detected | L Lifecycle | — | — |
Description: Dynamic import without validation detected
Code Snippet: agent = importlib.import_module(module_path)
Remediation: Validate module names against an allowlist before dynamic imports; use static imports when possible
Confidence: high
Rule ID: MCP-L001

| critical | — | SQL string concatenation detected | D SQL Injection | — | — |
Description: SQL string concatenation detected
Code Snippet: const setupGisBtn = document.querySelector(`#google-auth-details-${UNIQUE_ID_BASE} .btn--setup-gis`)...
Remediation: Use parameterized queries with placeholders
Confidence: high
Rule ID: MCP-D002

| critical | — | SQL string concatenation detected | D SQL Injection | — | — |
Description: SQL string concatenation detected
Code Snippet: const setupGisBtn = document.querySelector(`#google-auth-details-${UNIQUE_ID_BASE} .setup-gis-btn`);
Remediation: Use parameterized queries with placeholders
Confidence: high
Rule ID: MCP-D002

| critical | — | SQL string concatenation detected | D SQL Injection | — | — |
Description: SQL string concatenation detected
Code Snippet: const detailsDiv = item.querySelector(`#google-auth-details-${UNIQUE_ID_BASE}`);
Remediation: Use parameterized queries with placeholders
Confidence: high
Rule ID: MCP-D002

| critical | — | SQL string concatenation detected | D SQL Injection | — | — |
Description: SQL string concatenation detected
Code Snippet: b[ii].parentNode.insertBefore(b[ii + 1], b[ii]);
Remediation: Use parameterized queries with placeholders
Confidence: high
Rule ID: MCP-D002

| critical | — | SQL string concatenation detected | D SQL Injection | — | — |
Description: SQL string concatenation detected
Code Snippet: const session = await runner.sessionService.createSession({ appName, userId });
Remediation: Use parameterized queries with placeholders
Confidence: high
Rule ID: MCP-D002

| critical | — | Dynamic import without validation detected | L Lifecycle | — | — |
Description: Dynamic import without validation detected
Code Snippet: const { main: runAgent } = await import(quickstartPath);
Remediation: Validate module names against an allowlist before dynamic imports; use static imports when possible
Confidence: high
Rule ID: MCP-L001

| high | — | ML classifier detected prompt injection pattern | G Tool Poisoning | — | — |
Description: ML classifier detected prompt injection pattern
Code Snippet:
`
<div class="resource-instructions">
<h1 class="resource-title">Toolsets</h1>
...
Remediation: Review and sanitize the detected text for potential injection attempts
Confidence: medium
Rule ID: MCP-ML-001

| high | — | ML classifier detected prompt injection pattern | G Tool Poisoning | — | — |
Description: ML classifier detected prompt injection pattern
Code Snippet:
`
<div class="resource-instructions">
<h1 class="resource-title">Tools</h1>
<p...
Remediation: Review and sanitize the detected text for potential injection attempts
Confidence: medium
Rule ID: MCP-ML-001

| high | — | Potential timing-based covert channel detected | M Hidden Network | — | — |
Description: Potential timing-based covert channel detected
Code Snippet: ss.timeout = window.setTimeout(ss.next, ss.milliseconds);
Remediation: Review sleep/delay patterns for data-dependent timing; normalize timing behavior
Confidence: low
Rule ID: MCP-M002

| high | — | ML classifier detected prompt injection pattern | G Tool Poisoning | — | — |
Description: ML classifier detected prompt injection pattern
Code Snippet:
`
<div class="auth-method-header">
<span class="auth-method-label">Google ID Tok...
Remediation: Review and sanitize the detected text for potential injection attempts
Confidence: medium
Rule ID: MCP-ML-001

| high | — | Outbound connection to dynamically constructed URL | M Hidden Network | — | — |
Description: Outbound connection to dynamically constructed URL
Code Snippet: const response = await fetch(`/api/toolset/${toolsetName}`);
Remediation: Use allowlist for outbound connections; declare all endpoints in manifest; avoid dynamic URL construction
Confidence: medium
Rule ID: MCP-M003

| high | — | Outbound connection to dynamically constructed URL | M Hidden Network | — | — |
Description: Outbound connection to dynamically constructed URL
Code Snippet: const response = await fetch(`/api/tool/${encodeURIComponent(toolName)}`, { signal });
Remediation: Use allowlist for outbound connections; declare all endpoints in manifest; avoid dynamic URL construction
Confidence: medium
Rule ID: MCP-M003

| medium | — | Potential secret in variable name | E Secrets/Tokens | — | — |
Description: Potential secret in variable name
Code Snippet: IS_AUTH_PARAM
Remediation: Avoid storing secrets in plaintext variables
Confidence: low
Rule ID: MCP-E002

| medium | — | Potential secret in variable name | E Secrets/Tokens | — | — |
Description: Potential secret in variable name
Code Snippet: authTokenDropdown
Remediation: Avoid storing secrets in plaintext variables
Confidence: low
Rule ID: MCP-E002