Unvalidated args with interpolation patterns

AI security governance · MCP security

Severity

high

What it is

Arguments contain variable interpolation patterns (${...}, $VAR) that may be expanded unsafely at runtime.

How Igris detects it

Igris's Command Injection Detector flags this during MCP security scans of your configuration.

References

Related MCP security rules

Secure your AI estate with Igris