FastMCP Development

Fail

Audited by Socket on Feb 16, 2026

1 alert found:

Malware (HIGH)
SKILL.md

[Skill Scanner] Installation of third-party script detected

All findings:

[CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4]
[CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4]
[CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3]
[HIGH] hardcoded_secrets: Generic secret pattern detected (HS005) [AITech 8.2]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]

This SKILL.md-style artifact is a documentation/template pack for building FastMCP MCP servers. I found no direct malicious code or obfuscated payloads. Primary security concerns are operational: the docs show powerful capabilities (file reads, env var access, DB queries, proxying, LLM sampling) that are appropriate for the stated purpose but must be configured securely. The most notable risky guidance is instructing users to place secrets directly into the Claude Desktop JSON config or pass them via --env without discussing secure secret storage; combined with insecure default transport (HTTP/no auth), this can lead to accidental credential exposure or data leaks if developers follow quick-start examples verbatim. Overall, the content appears benign as documentation, but has moderate security risk if used without following the recommended production hardening steps.

LLM verification: The provided content is legitimate documentation and examples for FastMCP MCP server development. I found no direct indicators of obfuscation or explicit malware, nor hard-coded real credentials or known malicious endpoints. The primary security concerns are operational: unpinned dependency installs, the high privileges granted to tool handlers (filesystem/env/network), and the potential for installed third-party packages or user-defined handlers to exfiltrate data. Mitigations: pin/verify depen

Confidence: 95%
Severity: 90%

Audit Metadata
Analyzed At: Feb 16, 2026, 03:46 AM
Package URL: pkg:socket/skills-sh/enuno%2Fclaude-command-and-control%2Ffastmcp-development%2F@80ba8ac52dbbb3042ceea9672f7d94b69ae0304d