ai.smithery/JunoJunHyun-festival-finder-mcp
v0.1.0Discover festivals worldwide by location, date, and genre. Compare options with key details like d…
9
Total
2
Critical
3
High
4
Medium
Findings
unknownEnvironment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
137:
138: # Environments
>>> 139: .env
140: .envrc
141: .venvReport false positiveEnvironment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
210:
211: # secrets
>>> 212: *.env
213:
214: # backups & archivesReport false positivePyPI config access (may contain tokens)
Detected by automated pattern matching (rule DE-009) with medium confidence. May be a false positive.
195:
196: # PyPI configuration file
>>> 197: .pypirc
198:
199: # CursorReport false positiveDecoded base64 content: ��?z�j���j���#y�
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveDecoded base64 content: r�좸�u�b�����
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positivePossible Base64-encoded payload (long encoded string)
Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.
186: # Visual Studio Code
187: # Visual Studio Code specific template is maintained in a separate VisualStudioCode.gitignore
>>> 188: # that can be found at https://github.com/github/gitignore/blob/main/Global/VisualStudioCode.gitignore
189: # and can be added to the global gitignore or merged into this file. However, if you prefer,
190: # you could uncomment the following to ignore the entire vscode folderReport false positivePython requests library HTTP call
Detected by automated pattern matching (rule NS-001) with medium confidence. May be a false positive.
28: params = {'service': KOPIS_API_KEY}
29: try:
>>> 30: response = requests.get(url, params=params)
31: response.raise_for_status()
32: root = ET.fromstring(response.content)Report false positiveHigh-entropy string (4.5 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
Report false positivePython requests library HTTP call
Detected by automated pattern matching (rule NS-001) with medium confidence. May be a false positive.
60: }
61: try:
>>> 62: response = requests.get(url, params=full_params)
63: response.raise_for_status()
64: root = ET.fromstring(response.content)Report false positiveScan History
| Date | Risk | Findings | Files | Duration |
|---|---|---|---|---|
| Feb 26, 2026 | critical | 9 | 9 | 0.00s |
| Feb 24, 2026 | critical | 9 | 9 | 0.00s |