Model Context Protocol policy index
22 rules — 22 tool
Risk score = severity_weight × confidence × 100 (engine formula; weights: low=0.15, medium=0.40, high=0.70). Higher = worse.
| # | Id | SDK/ADK | Scope | Applies To | Policy | Severity | Confidence | Risk | Source |
|---|---|---|---|---|---|---|---|---|---|
| 1 | MCP-001 | MCP | tool | mcp_tool | Tool has no description | low | 0.90 | 13.5 | tool_definition.yaml |
| 2 | MCP-002 | MCP | tool | mcp_tool | Tool has no type-annotated parameters | medium | 0.85 | 34.0 | tool_definition.yaml |
| 3 | MCP-003 | MCP | tool | mcp_tool | Ambiguous tool name | low | 0.85 | 12.8 | tool_definition.yaml |
| 4 | MCP-004 | MCP | tool | mcp_tool | Network call has no timeout | high | 0.85 | 59.5 | network.yaml |
| 5 | MCP-005 | MCP | tool | mcp_tool | Path parameter used in I/O without validation | high | 0.70 | 49.0 | path_safety.yaml |
| 6 | MCP-006 | MCP | tool | mcp_tool | Tool raises exceptions without a structured error contract | low | 0.60 | 9.0 | error_handling.yaml |
| 7 | MCP-007 | MCP | tool | mcp_tool | Mutating tool has no idempotency key | medium | 0.55 | 22.0 | idempotency.yaml |
| 8 | MCP-008 | MCP | tool | mcp_tool | Tool fetches a caller-controlled URL (SSRF) | high | 0.60 | 42.0 | ssrf.yaml |
| 9 | MCP-009 | MCP | tool | mcp_tool | Tool body calls eval/exec/compile on dynamic input | high | 0.85 | 59.5 | code_execution.yaml |
| 10 | MCP-010 | MCP | tool | mcp_tool | Tool body spawns a subprocess | high | 0.70 | 49.0 | shell_safety.yaml |
| 11 | MCP-011 | MCP | tool | mcp_tool | TypeScript MCP tool has no description | low | 0.85 | 12.8 | tool_definition.yaml |
| 12 | MCP-012 | MCP | tool | mcp_tool | TypeScript MCP tool spawns a subprocess | high | 0.70 | 49.0 | shell_safety.yaml |
| 13 | MCP-013 | MCP | tool | mcp_tool | TypeScript MCP tool fetches a caller-controlled URL (SSRF) | high | 0.60 | 42.0 | ssrf.yaml |
| 14 | MCP-014 | MCP | tool | mcp_tool | TypeScript MCP tool evaluates dynamic code | high | 0.90 | 63.0 | code_execution.yaml |
| 15 | MCP-015 | MCP | tool | mcp_tool | Go MCP tool has no description | low | 0.85 | 12.8 | tool_definition.yaml |
| 16 | MCP-016 | MCP | tool | mcp_tool | Ambiguous Go MCP tool name | low | 0.85 | 12.8 | tool_definition.yaml |
| 17 | MCP-017 | MCP | tool | mcp_tool | C# MCP tool has no description | low | 0.85 | 12.8 | tool_definition.yaml |
| 18 | MCP-018 | MCP | tool | mcp_tool | Ambiguous C# MCP tool name | low | 0.85 | 12.8 | tool_definition.yaml |
| 19 | MCP-019 | MCP | tool | mcp_tool | PHP MCP tool has no description | low | 0.85 | 12.8 | tool_definition.yaml |
| 20 | MCP-020 | MCP | tool | mcp_tool | Ambiguous PHP MCP tool name | low | 0.85 | 12.8 | tool_definition.yaml |
| 21 | MCP-021 | MCP | tool | mcp_tool | Rust MCP tool has no description | low | 0.85 | 12.8 | tool_definition.yaml |
| 22 | MCP-022 | MCP | tool | mcp_tool | Ambiguous Rust MCP tool name | low | 0.85 | 12.8 | tool_definition.yaml |