MCP Scanner
ScanLeaderboardDocsSign in
Home/Artin0123/gemini-vision-mcp/Results

This repository may not be an MCP server

We could not detect MCP SDK imports or tool registrations.

100A

gemini-vision-mcp

Artin0123/gemini-vision-mcp

12 files · 1 findings

Share GitHub SARIF JSON
1 high
Tool Poisoningclean
Command Injectionclean
Path Traversalclean
SSRF1 issue
Credential Theftclean
Excessive Permissionsclean
Missing Authclean
Supply Chain
SSRF1

HTTP request with unvalidated URL parameter

high

Passing user-controlled variables directly to fetch, axios, or http.get without URL validation enables SSRF attacks.

src/gemini-media.ts:145
const response = await fetch(source.data);
How to fix

Validate and sanitize all URLs before making HTTP requests. Use an allowlist of permitted domains.

clean
Rug Pullclean