ai.smithery/STUzhy-py_execute_mcp
Run Python code in a secure sandbox without local setup. Declare inline dependencies and execute s…
Tools: 0
Findings: 1
Last scanned: Mar 19, 2026
1 low finding detected
Prompt Injection
Prompt & context manipulation attacks
PI-DIR Direct Input Injection: injection via tool descriptions and parameter fields
  GAP-001 Prompt Injection Coverage Gap: missing detection coverage for emerging prompt injection attack variants not addressed by current rules
  A1 Prompt Injection in Tool Description (status: partial; result: clean)
  B5 Prompt Injection in Parameter Description (status: implemented; result: clean)
  A5 Description Length Anomaly (status: implemented; result: clean)
PI-IND Indirect / Gateway Injection: hidden instructions via external content and tool responses
  G1 Indirect Prompt Injection Gateway (status: planned; result: clean)
  G3 Tool Response Format Injection (status: implemented; result: clean)
  H2 Prompt Injection in MCP Initialize Response (status: implemented; result: clean)
  I3 Resource Metadata Injection (status: implemented; result: clean)
PI-CTX Context Manipulation: context window saturation and prior-approval exploitation
  G4 Context Window Saturation (status: partial; result: clean)
  G5 Capability Escalation via Prior Approval (status: implemented; result: clean)
PI-ENC Encoding & Obfuscation: payload hiding via invisible characters, base64, schema fields
  A7 Zero-Width Character Injection (status: planned; result: clean)
  A9 Encoded Instructions in Description (status: implemented; result: clean)
  J3 Full Schema Poisoning (status: planned; result: clean)
PI-TPL Template & Output Poisoning: injection via prompt templates and runtime tool output
  I6 Prompt Template Injection (status: implemented; result: clean)
  J5 Tool Output Poisoning Patterns (status: implemented; result: clean)
Findings (1), Low (1): Server fails MCP spec compliance checks: required:server_name; required:server_version; required:protocol_version; recommended:tool_descriptions; recommended:parameter_descriptions
Follow the MCP specification for server metadata. Include server name, version, and protocol version. Provide descriptions for all tools and parameters.