ICU
critical

mcp-server-docker

v1.0.0

MCP server for executing commands in Docker containers

npm | aholsinger | First seen Feb 25, 2026

Total: 7 | Critical: 3 | High: 3 | Medium: 1

Findings

unknown
critical | DE-002 | Data Exfiltration | High Confidence | Line 0

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    31: const ALLOWED_CONTAINERS = parseAllowedContainers();
    32: const DEFAULT_TIMEOUT = parseInt(process.env.COMMAND_TIMEOUT || "300000");
>>> 33: const DEFAULT_SERVICE = process.env.DEFAULT_SERVICE || "laravel_app";
    34: async function runDockerCommand(command, service) {
    35:     const targetService = service || DEFAULT_SERVICE;
critical | DE-002 | Data Exfiltration | High Confidence | Line 0

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    9: // Format: "service1:container1,service2:container2"
    10: function parseAllowedContainers() {
>>> 11:     const allowedStr = process.env.ALLOWED_CONTAINERS || "";
    12:     const containers = {};
    13:     if (allowedStr) {
critical | DE-002 | Data Exfiltration | High Confidence | Line 0

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    30: }
    31: const ALLOWED_CONTAINERS = parseAllowedContainers();
>>> 32: const DEFAULT_TIMEOUT = parseInt(process.env.COMMAND_TIMEOUT || "300000");
    33: const DEFAULT_SERVICE = process.env.DEFAULT_SERVICE || "laravel_app";
    34: async function runDockerCommand(command, service) {
high | SC-005 | Suspicious Commands | Medium Confidence | Line 0

Node.js child process spawning

Detected by automated pattern matching (rule SC-005) with medium confidence. May be a false positive.

    3: import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
    4: import { CallToolRequestSchema, ListToolsRequestSchema, } from "@modelcontextprotocol/sdk/types.js";
>>> 5: import { spawn } from "child_process";
    6: import * as dotenv from "dotenv";
    7: dotenv.config();
high | DO-BAS | unknown | Medium Confidence | Line 0

Decoded base64 content: [non-printable binary data]

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

high | DO-BAS | unknown | Medium Confidence | Line 0

Decoded base64 content: [non-printable binary data]

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

medium | EN-001 | unknown | Medium Confidence | Line 0

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.
