-
Notifications
You must be signed in to change notification settings - Fork 0
Issues
is:issue state:open
is:issue state:open
Issue creation is restricted in this repository
Search results
Scanner ignores the standard
mcpServersstdio config format (Claude Desktop / Cursor / VS Code): misleading NO_AUTH + every real risk missedbugSomething isn't workingSomething isn't workingenhancementNew feature or requestNew feature or requestStatus: Open.#39 In HailBytes/mcp-security-scanner;URL/endpoint scanning is misleading: every live server URL yields a false CRITICAL NO_AUTH (+ MISSING_RATE_LIMIT) because the endpoint is never introspected
bugSomething isn't workingSomething isn't workingStatus: Open.#27 In HailBytes/mcp-security-scanner;- Status: Open.#26 In HailBytes/mcp-security-scanner;
YAML configs are silently mis-scanned: nested
transport.authandtoolsare dropped (false NO_AUTH + all tool rules skipped)bugSomething isn't workingSomething isn't workingStatus: Open.#19 In HailBytes/mcp-security-scanner;CLI silently passes when
--ruleis given an unknown/typo'd rule ID (false "PASSED" security gate)bugSomething isn't workingSomething isn't workingStatus: Open.#11 In HailBytes/mcp-security-scanner;