
fix(security): prevent injection vulnerabilities in direct_scanner#209

Open
JackDKobe wants to merge 1 commit into snyk:main from JackDKobe:fix/direct-scanner-injection-vulnerabilities

Conversation

@JackDKobe

Summary

This PR fixes potential injection vulnerabilities in the direct_scanner.py module.

Security Issues Fixed

1. URL Injection Vulnerability

  • Location: scan_streamable_https()
  • Issue: User-provided URL was directly concatenated into config file
  • Fix: Added URL validation (length limit, control character blocking) and used json.dumps() for proper escaping

2. JSON Injection Vulnerability

  • Location: scan_npm(), scan_pypi(), scan_oci()
  • Issue: User-provided package names/OCI URLs were directly concatenated into JSON
  • Fix: Added validation functions and used json.dumps() for proper escaping

Changes

  • Added _validate_package_name() - prevents path traversal and control characters
  • Added _validate_version() - restricts to semver-compatible characters
  • Added _validate_oci_url() - prevents shell metacharacter injection
  • Replaced string concatenation with json.dumps() for proper JSON escaping

Test Plan

  • Validated with malicious inputs (newlines, shell metacharacters, path traversal)
  • Maintains backward compatibility with valid inputs

Security Impact

These changes prevent:

  • Command injection via malicious URLs/package names/OCI URLs
  • JSON injection attacks
  • Path traversal attempts

- Add URL validation in scan_streamable_https() to prevent control characters
- Add _validate_package_name() to prevent path traversal and control characters
- Add _validate_version() to restrict version strings to semver-compatible chars
- Add _validate_oci_url() to prevent shell metacharacter injection
- Replace string concatenation with json.dumps() for proper JSON escaping

These changes prevent potential command injection and JSON injection attacks
when scanning MCP servers from user-provided URLs, package names, and OCI URLs.
@JackDKobe JackDKobe requested a review from a team as a code owner March 8, 2026 15:31
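The validation and escaping approach the PR describes, as an added example that is not the project's direct_scanner.py code: allow-list validators for package names, versions, OCI references and URLs, plus the raw-concatenation pattern beside its json.dumps() replacement. The function names, regexes and limits are assumptions, not the PR's actual implementation.

```python
import json
import re

# Added example (not the project's code): names, regexes and limits are assumptions.
_PKG_RE = re.compile(r"(@[a-z0-9][a-z0-9._-]*/)?[a-z0-9][a-z0-9._-]*", re.I)
_VER_RE = re.compile(r"[0-9A-Za-z.+-]{1,64}")
_OCI_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9._/:@-]{0,255}")
MAX_URL_LEN = 2048

def validate_package_name(name: str) -> str:
    # Allow-list excludes control chars and shell metacharacters; ".." blocks traversal.
    if ".." in name or not _PKG_RE.fullmatch(name):
        raise ValueError(f"invalid package name: {name!r}")
    return name

def validate_version(version: str) -> str:
    if not _VER_RE.fullmatch(version):
        raise ValueError(f"invalid version: {version!r}")
    return version

def validate_oci_url(ref: str) -> str:
    # registry/repo[:tag][@digest] characters only: no $ ` ; | & quotes or spaces.
    if ".." in ref or not _OCI_RE.fullmatch(ref):
        raise ValueError(f"invalid OCI reference: {ref!r}")
    return ref

def validate_url(url: str) -> str:
    if len(url) > MAX_URL_LEN or not url.startswith("https://"):
        raise ValueError("URL too long or not https")
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in url):
        raise ValueError("control character in URL")
    return url

def build_config_unsafe(url: str) -> str:
    # The pattern the PR removes: a quote in the value closes the string early.
    return '{"url": "' + url + '"}'

def build_config(url: str) -> str:
    # json.dumps escapes quotes, backslashes and control characters.
    return json.dumps({"url": validate_url(url)})

def config_keys(config: str) -> list:
    # Which top-level keys a consumer of the config would actually see.
    return sorted(json.loads(config))

def rejects(fn, value) -> bool:
    try:
        fn(value)
    except ValueError:
        return True
    return False
```

With a crafted value containing a quote, build_config_unsafe() yields a config with an extra key, while build_config() keeps the whole value inside the single "url" string.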