Command Injection
Overview mcp-watch is a Security scanner for Model Context Protocol MCP servers - detect vulnerabilities and security issues Affected versions of this package are vulnerable to Command Injection via the cloneRepo function in the /scanner/McpScanner.ts file. An attacker can execute arbitrary...