linuxdo security findings

No findings on file

54 rules tested cleanly. 109 rules need more context — see below.

Test 109 more rules — give us more context3 input gaps

Dependency manifest7 rules

To unlock these tests: expose your package manifest.

D1Known CVEs in DependenciesSupply Chain SecurityKnown Vulnerable Dependencies
D2Abandoned DependenciesSupply Chain SecurityKnown Vulnerable Dependencies
D3Typosquatting Risk in DependenciesSupply Chain SecurityMalicious & Typosquat Packages
D4Excessive Dependency CountSupply Chain SecurityKnown Vulnerable Dependencies
D5Known Malicious or Flagged PackageSupply Chain SecurityMalicious & Typosquat Packages
D6Weak or Deprecated Cryptography DependenciesCode VulnerabilitiesInsecure Credential & Crypto
D7Dependency Confusion Attack RiskSupply Chain SecurityMalicious & Typosquat Packages

Live connection3 rules

To unlock these tests: register a live MCP endpoint.

E1No Authentication RequiredCode VulnerabilitiesServer-Hardening Failures
E2Insecure TransportAuthentication & IdentitySession & Transport Security
E3Response Time AnomalyAudit & LoggingAbsent or Unstructured Logging

Source code99 rules

To unlock these tests: publish your source on GitHub.

C1Command InjectionCode VulnerabilitiesCommand & Shell Execution
C10Prototype PollutionCode VulnerabilitiesData Store Injection
C11ReDoS — Catastrophic Regex BacktrackingCode VulnerabilitiesServer-Hardening Failures
C12Unsafe DeserializationCode VulnerabilitiesDynamic Code Evaluation & Deserialization
C13Server-Side Template Injection (SSTI)Code VulnerabilitiesDynamic Code Evaluation & Deserialization
C14JWT Algorithm Confusion / None Algorithm AttackCode VulnerabilitiesInsecure Credential & Crypto
C15Timing Attack on Secret or Token ComparisonCode VulnerabilitiesInsecure Credential & Crypto
C16Dynamic Code Evaluation with User InputCode VulnerabilitiesCommand & Shell Execution
C2Path TraversalCode VulnerabilitiesFilesystem & Network Traversal
C3Server-Side Request Forgery (SSRF)Code VulnerabilitiesFilesystem & Network Traversal
C4SQL InjectionCode VulnerabilitiesData Store Injection
C5Hardcoded Secrets in Source CodeCode VulnerabilitiesInsecure Credential & Crypto
C6Error Message Information LeakageCode VulnerabilitiesServer-Hardening Failures
C7Wildcard CORS ConfigurationCode VulnerabilitiesServer-Hardening Failures
C8No Authentication on Network-Exposed ServerCode VulnerabilitiesServer-Hardening Failures
C9Excessive Filesystem ScopeCode VulnerabilitiesCommand & Shell Execution
G7DNS-Based Data Exfiltration ChannelData ExfiltrationExplicit Network Exfiltration
H1MCP OAuth 2.0 Insecure ImplementationAuthentication & IdentityOAuth Misimplementation
I12Capability Escalation Post-InitializationHuman OversightPost-Init Capability Escalation
I15Transport Session SecurityAuthentication & IdentitySession & Transport Security
J1Cross-Agent Configuration PoisoningSupply Chain SecurityConfig Injection & Bridge Supply Chain
J2Git Argument InjectionCode VulnerabilitiesCommand & Shell Execution
J4Health Endpoint Information DisclosureModel ManipulationInformation Disclosure Via Debug Surface
J5Tool Output Poisoning PatternsPrompt InjectionIndirect Gateway Injection
J7OpenAPI Specification Field InjectionCode VulnerabilitiesOpenAPI / Spec Field Injection
K1Absent Structured LoggingAudit & LoggingAbsent or Unstructured Logging
K10Package Registry SubstitutionTool PoisoningUpdate-Channel Spoofing
K11Missing Server Integrity VerificationSupply Chain SecurityKnown Vulnerable Dependencies
K12Executable Content in Tool ResponseTool PoisoningAnnotation Deception
K13Unsanitized Tool OutputTool PoisoningAnnotation Deception
K14Agent Credential Propagation via Shared StateAuthentication & IdentityCross-Boundary Credential Sharing
K16Unbounded Recursion / Missing Depth LimitsProtocol & TransportJSON-RPC Batching & Flooding
K17Missing Timeout or Circuit BreakerDenial of ServiceRecursion & Loop Bombs
K18Cross-Trust-Boundary Data Flow in Tool ResponseData ExfiltrationSource-to-Sink Flow
K19Missing Runtime Sandbox EnforcementDenial of ServiceTimeout & Circuit-Breaker Gaps
K2Audit Trail DestructionAudit & LoggingLog Destruction
K20Insufficient Audit Context in LoggingAudit & LoggingInsufficient Audit Context
K3Audit Log TamperingAudit & LoggingLog Destruction
K5Auto-Approve / Bypass Confirmation PatternHuman OversightAuto-Approve & Bypass
K6Overly Broad OAuth ScopesAuthentication & IdentityOAuth Misimplementation
K7Long-Lived Tokens Without RotationAuthentication & IdentityOAuth Misimplementation
K8Cross-Boundary Credential SharingData ExfiltrationTrust-Boundary Data Flow
K9Dangerous Post-Install HooksSupply Chain SecurityInstall-Time Execution
L1GitHub Actions Tag PoisoningSupply Chain SecurityCI/CD Poisoning
L10Registry Metadata SpoofingTool PoisoningUpdate-Channel Spoofing
L11Environment Variable Injection via MCP ConfigSupply Chain SecurityConfig Injection & Bridge Supply Chain
L12Build Artifact TamperingCode VulnerabilitiesOpenAPI / Spec Field Injection
L13Build Credential File TheftSupply Chain SecurityCI/CD Poisoning
L14Hidden Entry Point MismatchSupply Chain SecurityManifest & Entry-Point Confusion
L15Update Notification SpoofingTool PoisoningBehavior Drift
L2Malicious Build Plugin InjectionCode VulnerabilitiesOpenAPI / Spec Field Injection
L3Dockerfile Base Image Supply Chain RiskSupply Chain SecurityRegistry & Distribution Substitution
L4MCP Config File Code InjectionSupply Chain SecurityManifest & Entry-Point Confusion
L5Package Manifest Confusion IndicatorsSupply Chain SecurityManifest & Entry-Point Confusion
L6Config Directory Symlink AttackSupply Chain SecurityRegistry & Distribution Substitution
L7Transitive MCP Server DelegationSupply Chain SecurityManifest & Entry-Point Confusion
L8Version Rollback / Downgrade AttackSupply Chain SecurityRegistry & Distribution Substitution
L9CI/CD Secret Exfiltration PatternsSupply Chain SecurityCI/CD Poisoning
M2TokenBreak Boundary ManipulationModel ManipulationTokenizer Boundary Attacks
M6Progressive Context Poisoning EnablersHuman OversightTool-Position & Progressive Poisoning
M7Tool Response Structure BombDenial of ServiceResponse Payload Amplification
M8Inference Cost AmplificationDenial of ServiceInference Cost Amplification
M9Model-Specific System Prompt ExtractionModel ManipulationReasoning Extraction
N1JSON-RPC Batch Request AbuseProtocol & TransportJSON-RPC Batching & Flooding
N10Incomplete Handshake Denial of ServiceProtocol & TransportJSON-RPC Batching & Flooding
N11Protocol Version Downgrade AttackProtocol & TransportProtocol Version & Method Confusion
N12Resource Subscription Content MutationPrompt InjectionIndirect Gateway Injection
N13HTTP Chunked Transfer SmugglingProtocol & TransportStreaming & Session Hijacking
N14Trust-On-First-Use Bypass (TOFU)Authentication & IdentitySession & Transport Security
N15JSON-RPC Method Name ConfusionProtocol & TransportProtocol Version & Method Confusion
N2JSON-RPC Notification FloodingProtocol & TransportJSON-RPC Batching & Flooding
N3JSON-RPC Request ID CollisionProtocol & TransportJSON-RPC Batching & Flooding
N4JSON-RPC Error Object InjectionPrompt InjectionProtocol-Surface Injection
N5Capability Downgrade DeceptionProtocol & TransportProtocol Version & Method Confusion
N6SSE Reconnection HijackingProtocol & TransportStreaming & Session Hijacking
N7Progress Token Prediction and InjectionProtocol & TransportStreaming & Session Hijacking
N8Cancellation Race ConditionProtocol & TransportJSON-RPC Batching & Flooding
N9MCP Logging Protocol InjectionPrompt InjectionContext & Trust Manipulation
O10Privacy-Violating TelemetryData ExfiltrationCovert Channels
O4Clipboard and UI Exfiltration InjectionData ExfiltrationTrust-Boundary Data Flow
O5Environment Variable HarvestingData ExfiltrationCovert Channels
O6Server Fingerprinting via Error ResponsesData ExfiltrationCovert Channels
O8Timing-Based Covert ChannelData ExfiltrationCovert Channels
O9Ambient Credential ExploitationData ExfiltrationCovert Channels
P1Docker Socket Mount in ContainerContainer & RuntimeContainer Escape Vectors
P10Host Network Mode and Missing Egress ControlsContainer & RuntimeHost Mount & Network
P2Dangerous Container CapabilitiesContainer & RuntimeContainer Escape Vectors
P3Cloud Metadata Service AccessContainer & RuntimeCloud Metadata Access
P4TLS Certificate Validation BypassContainer & RuntimeTLS & Crypto Misconfig
P5Secrets Exposed in Container Build LayersSupply Chain SecurityRegistry & Distribution Substitution
P6LD_PRELOAD and Shared Library HijackingContainer & RuntimeContainer Escape Vectors
P7Sensitive Host Filesystem MountContainer & RuntimeHost Mount & Network
P8Insecure Cryptographic Mode or Static IV/NonceContainer & RuntimeTLS & Crypto Misconfig
P9Missing Container Resource LimitsDenial of ServiceContainer Resource Exhaustion
Q13MCP Bridge Package Supply Chain AttackSupply Chain SecurityConfig Injection & Bridge Supply Chain
Q15A2A/MCP Protocol Boundary ConfusionHuman OversightTrust-Delegation Confusion
Q3Localhost MCP Service HijackingProtocol & TransportLocalhost & Concurrency Hijack
Q4IDE MCP Configuration InjectionSupply Chain SecurityConfig Injection & Bridge Supply Chain
Q7Desktop Extension Privilege ChainContainer & RuntimePrivileged Roots & Extensions

Tested cleanly

Prompt Injection24 rules tested cleanly
Tool Poisoning17 rules tested cleanly
Code Vulnerabilities23 rules tested cleanly
Data Exfiltration15 rules tested cleanly
Authentication & Identity9 rules tested cleanly
Supply Chain Security23 rules tested cleanly
Human Oversight6 rules tested cleanly
Audit & Logging5 rules tested cleanly
Multi-Agent Security1 rule tested cleanly
Protocol & Transport15 rules tested cleanly
Denial of Service7 rules tested cleanly
Container & Runtime10 rules tested cleanly
Model Manipulation8 rules tested cleanly