Skip to content

Pull requests: HailBytes/mcp-security-scanner

New pull request New
17 Open 14 Closed
17 Open 14 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Assigned to nobody Loading
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

feat(EXPOSED_SECRETS): broaden secret detection and stop leaking matched values
#35 opened Jun 27, 2026 by dmchaledev Contributor Loading…
fix(cli): --exit-code no longer fails on the URL_SCAN_LIMITED INFO note
#34 opened Jun 26, 2026 by dmchaledev Contributor Loading…
4 tasks done
feat(sarif): emit GitHub security-severity so Code Scanning ranks findings by severity
#33 opened Jun 24, 2026 by dmchaledev Contributor Loading…
4 tasks done
fix(permissions): flag wildcard and case-variant dangerous tool grants
#32 opened Jun 23, 2026 by dmchaledev Contributor Loading…
5 tasks done
fix(UNSAFE_TOOL_OUTPUT_PATH): resolve path traversal before matching system dirs
#31 opened Jun 22, 2026 by dmchaledev Contributor Loading…
5 tasks done
fix(EXPOSED_SECRETS): detect modern API key formats (OpenAI sk-proj/svcacct, Anthropic, GitHub, Google, Slack, Stripe)
#29 opened Jun 21, 2026 by dmchaledev Contributor Loading…
fix(EXPOSED_SECRETS): redact matched secrets in finding evidence
#28 opened Jun 20, 2026 by dmchaledev Contributor Loading…
4 tasks done
fix(cli): reject unknown --rule values instead of silently passing
#25 opened Jun 17, 2026 by dmchaledev Contributor Loading…
4 tasks done
1
docs: fix broken CLI flag and inverted score semantics in README
#22 opened Jun 14, 2026 by dmchaledev Contributor Loading…
fix: repair broken Jest suite (CI red since SARIF version change) + add --output alias
#20 opened Jun 13, 2026 by dmchaledev Contributor Loading…
fix: MISSING_TLS false positive on secure wss:// transports
#18 opened Jun 10, 2026 by dmchaledev Contributor Loading…
fix(cli): validate --rule and reject unknown rule IDs (closes #11)
#17 opened Jun 9, 2026 by dmchaledev Contributor Loading…
1
docs: fix broken SARIF CLI example and inverted risk-score comment in README
#16 opened Jun 5, 2026 by dmchaledev Contributor Loading…
docs: fix invalid --output flag and inverted score description
#15 opened Jun 4, 2026 by dmchaledev Contributor Loading…
fix: EXPOSED_SECRETS silently misses hardcoded passwords in configs
#14 opened Jun 3, 2026 by dmchaledev Contributor Loading…
docs: fix README/launch-post to match actual CLI flag and score semantics
#13 opened Jun 2, 2026 by dmchaledev Contributor Loading…
fix(test): run Jest as ESM to unbreak CI on main
#12 opened Jun 1, 2026 by dmchaledev Contributor Loading…
ProTip! Follow long discussions with comments:>50.