🟠 slack

Slack is a channel-based messaging platform. With Slack, people can work together more effectively, connect all their software tools and services, and find the information they need to do their best work — all within a secure, enterprise-grade environment.

Field	Value
Grade	C
Risk Score	40
Version	`smithery`
Vendor	Smithery
Source	slack
Scan Date	2026-05-04
Scanner	tooltrust-scanner/v0.3.9

Findings Summary

Severity	Count
Critical	0
High	51
Medium	50
Low	51
Info	142

Detailed Findings

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🟠 🗝️ `AS-010` — Insecure Secret Handling

Severity: High

Description: input parameter "token" appears to accept a secret or credential

Recommendation: Avoid accepting raw credentials as input parameters. Use secret managers (e.g. 1Password CLI, AWS Secrets Manager) and ensure credentials are never logged or stored in agent traces.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟠 🗝️ `AS-010` — Insecure Secret Handling

Severity: High

Description: input parameter "token" appears to accept a secret or credential

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🟠 🗝️ `AS-010` — Insecure Secret Handling

Severity: High

Description: input parameter "token" appears to accept a secret or credential

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🟠 🗝️ `AS-010` — Insecure Secret Handling

Severity: High

Description: input parameter "token" appears to accept a secret or credential

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 🔑 `AS-002` — Excessive Permission Surface

Severity: Low

Description: input schema exposes 16 properties (threshold: 10)

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares exec permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares exec permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🟠 🗝️ `AS-010` — Insecure Secret Handling

Severity: High

Description: input parameter "token" appears to accept a secret or credential

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🔵 🔑 `AS-002` — Excessive Permission Surface

Severity: Low

Description: tool declares http permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🟠 🗝️ `AS-010` — Insecure Secret Handling

Severity: High

Description: input parameter "token" appears to accept a secret or credential

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟠 🗝️ `AS-010` — Insecure Secret Handling

Severity: High

Description: input parameter "token" appears to accept a secret or credential

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 🔑 `AS-002` — Excessive Permission Surface

Severity: Low

Description: input schema exposes 13 properties (threshold: 10)

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 🔑 `AS-002` — Excessive Permission Surface

Severity: Low

Description: input schema exposes 13 properties (threshold: 10)

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares db permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares db permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 🔑 `AS-002` — Excessive Permission Surface

Severity: Low

Description: input schema exposes 12 properties (threshold: 10)

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 🔑 `AS-002` — Excessive Permission Surface

Severity: Low

Description: input schema exposes 16 properties (threshold: 10)

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 🔑 `AS-002` — Excessive Permission Surface

Severity: Low

Description: input schema exposes 16 properties (threshold: 10)

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 🔑 `AS-002` — Excessive Permission Surface

Severity: Low

Description: input schema exposes 12 properties (threshold: 10)

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares exec permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🟠 🗝️ `AS-010` — Insecure Secret Handling

Severity: High

Description: input parameter "token" appears to accept a secret or credential

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🟠 🗝️ `AS-010` — Insecure Secret Handling

Severity: High

Description: input parameter "token" appears to accept a secret or credential

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

Scored using ToolTrust methodology · Raw JSON report

FilesExpand file tree

slack.md

Latest commit

History

slack.md

File metadata and controls

🟠 slack

Findings Summary

Detailed Findings

⚪ AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

🟠 🔑 AS-002 — Excessive Permission Surface

🟠 🗝️ AS-010 — Insecure Secret Handling

🔵 ⚡ AS-011 — DoS Resilience — Missing Rate Limit / Timeout

⚪ AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

🟠 🗝️ AS-010 — Insecure Secret Handling

⚪ AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

🟡 🔑 AS-002 — Excessive Permission Surface

🟠 🔑 AS-002 — Excessive Permission Surface

🟠 🗝️ AS-010 — Insecure Secret Handling

🔵 ⚡ AS-011 — DoS Resilience — Missing Rate Limit / Timeout

⚪ AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

🟡 🔑 AS-002 — Excessive Permission Surface

⚪ AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

⚪ AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

🟠 🔑 AS-002 — Excessive Permission Surface

🟠 🗝️ AS-010 — Insecure Secret Handling

🔵 ⚡ AS-011 — DoS Resilience — Missing Rate Limit / Timeout

⚪ AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

⚪ AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

⚪ AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

⚪ AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

🟠 🔑 AS-002 — Excessive Permission Surface

🔵 🔑 AS-002 — Excessive Permission Surface

🔵 ⚡ AS-011 — DoS Resilience — Missing Rate Limit / Timeout

⚪ AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

⚪ AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

⚪ AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

🟡 🔑 AS-002 — Excessive Permission Surface

⚪ AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

🟡 🔑 AS-002 — Excessive Permission Surface

🟠 🔑 AS-002 — Excessive Permission Surface

🔵 ⚡ AS-011 — DoS Resilience — Missing Rate Limit / Timeout

⚪ AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

🟡 🔑 AS-002 — Excessive Permission Surface

⚪ AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

🟡 🔑 AS-002 — Excessive Permission Surface

⚪ AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

🟡 🔑 AS-002 — Excessive Permission Surface

🟠 🔑 AS-002 — Excessive Permission Surface

🔵 ⚡ AS-011 — DoS Resilience — Missing Rate Limit / Timeout

⚪ AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

🟠 🔑 AS-002 — Excessive Permission Surface

🔵 ⚡ AS-011 — DoS Resilience — Missing Rate Limit / Timeout

⚪ AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

🟠 🔑 AS-002 — Excessive Permission Surface

🔵 ⚡ AS-011 — DoS Resilience — Missing Rate Limit / Timeout

⚪ AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

🟡 🔑 AS-002 — Excessive Permission Surface

⚪ AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

🟡 🔑 AS-002 — Excessive Permission Surface

⚪ AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

🟡 🔑 AS-002 — Excessive Permission Surface

⚪ AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

🟡 🔑 AS-002 — Excessive Permission Surface

⚪ AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

🟡 🔑 AS-002 — Excessive Permission Surface

⚪ AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

🟡 🔑 AS-002 — Excessive Permission Surface

⚪ AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

🟡 🔑 AS-002 — Excessive Permission Surface

⚪ AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

🟡 🔑 AS-002 — Excessive Permission Surface

🟠 🗝️ AS-010 — Insecure Secret Handling

⚪ AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

⚪ AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

⚪ AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

⚪ AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

🟡 🔑 AS-002 — Excessive Permission Surface

🟠 🔑 AS-002 — Excessive Permission Surface

🔵 ⚡ AS-011 — DoS Resilience — Missing Rate Limit / Timeout

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

🟠 🔑 `AS-002` — Excessive Permission Surface

🟠 🗝️ `AS-010` — Insecure Secret Handling

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

🟠 🗝️ `AS-010` — Insecure Secret Handling

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

🟡 🔑 `AS-002` — Excessive Permission Surface

🟠 🔑 `AS-002` — Excessive Permission Surface

🟠 🗝️ `AS-010` — Insecure Secret Handling

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

🟡 🔑 `AS-002` — Excessive Permission Surface

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

🟠 🔑 `AS-002` — Excessive Permission Surface

🟠 🗝️ `AS-010` — Insecure Secret Handling

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

🟠 🔑 `AS-002` — Excessive Permission Surface

🔵 🔑 `AS-002` — Excessive Permission Surface

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

🟡 🔑 `AS-002` — Excessive Permission Surface

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

🟡 🔑 `AS-002` — Excessive Permission Surface

🟠 🔑 `AS-002` — Excessive Permission Surface

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

🟡 🔑 `AS-002` — Excessive Permission Surface

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

🟡 🔑 `AS-002` — Excessive Permission Surface

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

🟡 🔑 `AS-002` — Excessive Permission Surface

🟠 🔑 `AS-002` — Excessive Permission Surface

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

🟠 🔑 `AS-002` — Excessive Permission Surface

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

🟠 🔑 `AS-002` — Excessive Permission Surface

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

🟡 🔑 `AS-002` — Excessive Permission Surface

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

🟡 🔑 `AS-002` — Excessive Permission Surface

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

🟡 🔑 `AS-002` — Excessive Permission Surface

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

🟡 🔑 `AS-002` — Excessive Permission Surface

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

🟡 🔑 `AS-002` — Excessive Permission Surface

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

🟡 🔑 `AS-002` — Excessive Permission Surface

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

🟡 🔑 `AS-002` — Excessive Permission Surface

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

🟡 🔑 `AS-002` — Excessive Permission Surface

🟠 🗝️ `AS-010` — Insecure Secret Handling

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

🟡 🔑 `AS-002` — Excessive Permission Surface

🟠 🔑 `AS-002` — Excessive Permission Surface

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

🟠 🔑 `AS-002` — Excessive Permission Surface

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

🟠 🔑 `AS-002` — Excessive Permission Surface