Shell wrapper command detected
AI security governance · MCP security
Severity
critical
What it is
The server uses a shell wrapper (sh -c, bash -c, cmd /c) which passes arguments through a shell interpreter, enabling injection.
How Igris detects it
Igris's Command Injection Detector flags this during MCP security scans of your configuration.
References
Related MCP security rules
Secure your AI estate with Igris