Shell metacharacters in command field

AI security governance · MCP security

Severity

critical

What it is

The command field contains shell metacharacters (;, &&, ||, backticks, $()) that could enable command injection.

How Igris detects it

Igris's Command Injection Detector flags this during MCP security scans of your configuration.

References

Related MCP security rules

Secure your AI estate with Igris