mcp
Audited by Socket on Feb 16, 2026
1 alert found:
Security [Skill Scanner]: Backtick command substitution detected

All findings:
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]

The code and documentation are benign as developer guidance, but example implementations demonstrate insecure patterns that can lead to command injection (execSync with interpolated input) and SQL injection/data exfiltration (raw SQL input). The MCP mechanism inherently allows execution of arbitrary JS tools from configured paths, so misconfiguration or exposure to untrusted agents can result in full host code execution. Apply input validation, parameterization, least privilege, and sandboxing to mitigate risks before exposing MCP handlers to untrusted sources.

LLM verification: The code is instructional and not itself obfuscated or overtly malicious. However, the examples expose high-risk patterns: shell command execution via execSync with unsanitized interpolated input and an open DB query interface accepting raw SQL. If reused without hardening, these patterns enable command injection and SQL injection leading to arbitrary command execution and data exfiltration. Treat the snippets as templates that require input validation, least privilege, and safer APIs before dep