Unvalidated args with interpolation patterns
AI security governance · MCP security
Severity
high
What it is
Arguments contain variable interpolation patterns (${...}, $VAR) that may be expanded unsafely at runtime.
How Igris detects it
Igris's Command Injection Detector flags this during MCP security scans of your configuration.
References
Related MCP security rules
Secure your AI estate with Igris