7. Unknown Transitive Dependencies in Tool Chains

MCP tools often shell out to CLI tools (nmap, curl) or import packages (requests, pycrypto) with no visibility into the CVEs that affect them.

Tech Detail:

  • No SBOM (Software Bill of Materials)
  • No dynamic runtime dependency scanner

Exploit Potential:

  • curl <7.84 allows command injection
  • Python packages with typosquatted names (reqeusts) can silently exfiltrate data

Mitigation:

  • Run syft or trivy on tool containers
  • Publish signed SBOMs and track transitive CVEs
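
The check below is an added example, not code from the original page: it audits a CycloneDX JSON SBOM (a format both syft and trivy can emit) against a reviewed allowlist and flags near-miss names such as reqeusts. The SBOM contents, the `APPROVED` set and the function names are assumptions made for illustration.

```python
import json

# Constructed sample: a minimal CycloneDX-style SBOM for one tool container.
# Component names and versions are illustrative values, not scan output.
SAMPLE_SBOM = json.dumps({"bomFormat": "CycloneDX", "components": [
    {"type": "library", "name": "requests", "version": "2.31.0"},
    {"type": "library", "name": "reqeusts", "version": "1.0.0"},
    {"type": "library", "name": "pycrypto", "version": "2.6.1"},
    {"type": "application", "name": "curl", "version": "7.81.0"},
]})

# Assumption: the set of dependencies the team has actually reviewed.
APPROVED = {"requests", "curl", "nmap", "urllib3"}


def osa_distance(a: str, b: str) -> int:
    """Edit distance in which swapping two adjacent characters costs 1."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = a[i - 1] != b[j - 1]
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)  # transposition
    return d[len(a)][len(b)]


def audit_sbom(sbom_json: str, approved=APPROVED, max_dist: int = 1):
    """Return (name, version, verdict) for each component not on the allowlist."""
    findings = []
    for comp in json.loads(sbom_json).get("components", []):
        name = comp.get("name", "").lower()
        if name in approved:
            continue
        near = sorted(p for p in approved if osa_distance(name, p) <= max_dist)
        verdict = f"possible typosquat of {near[0]}" if near else "unreviewed dependency"
        findings.append((name, comp.get("version", "?"), verdict))
    return findings


if __name__ == "__main__":
    for finding in audit_sbom(SAMPLE_SBOM):
        print(*finding, sep="\t")
```

A name-distance check only catches lookalike packages; known CVEs in correctly named dependencies still need the vulnerability scan named in the mitigation list.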