OpenZeppelin Cairo Contracts MCP
https://mcp.openzeppelin.com/contracts/cairo/mcp
Severity breakdown
Worst finding
Tool `cairo-erc20` accepts unconstrained string input
· cairo-erc20
The following string parameter(s) have no `maxLength` constraint: `appName`, `appVersion`, `decimals`, `name`, `premint`, `symbol`. Unbounded strings let an attacker stuff arbitrary payloads through the tool, including indirect-injection content.
fix: Add a `maxLength` to each string property, or constrain with an `enum` or `pattern`. Most legitimate tool inputs fit under a few hundred bytes.
All 7 findings
- mediumTool `cairo-erc20` accepts unconstrained string input· cairo-erc20unconstrained input
The following string parameter(s) have no `maxLength` constraint: `appName`, `appVersion`, `decimals`, `name`, `premint`, `symbol`. Unbounded strings let an attacker stuff arbitrary payloads through the tool, including indirect-injection content.
fix: Add a `maxLength` to each string property, or constrain with an `enum` or `pattern`. Most legitimate tool inputs fit under a few hundred bytes.
- mediumTool `cairo-erc721` accepts unconstrained string input· cairo-erc721unconstrained input
The following string parameter(s) have no `maxLength` constraint: `appName`, `appVersion`, `baseUri`, `name`, `symbol`. Unbounded strings let an attacker stuff arbitrary payloads through the tool, including indirect-injection content.
fix: Add a `maxLength` to each string property, or constrain with an `enum` or `pattern`. Most legitimate tool inputs fit under a few hundred bytes.
- mediumTool `cairo-erc1155` accepts unconstrained string input· cairo-erc1155unconstrained input
The following string parameter(s) have no `maxLength` constraint: `baseUri`, `name`. Unbounded strings let an attacker stuff arbitrary payloads through the tool, including indirect-injection content.
fix: Add a `maxLength` to each string property, or constrain with an `enum` or `pattern`. Most legitimate tool inputs fit under a few hundred bytes.
- mediumTool `cairo-account` accepts unconstrained string input· cairo-accountunconstrained input
The following string parameter(s) have no `maxLength` constraint: `name`, `type`. Unbounded strings let an attacker stuff arbitrary payloads through the tool, including indirect-injection content.
fix: Add a `maxLength` to each string property, or constrain with an `enum` or `pattern`. Most legitimate tool inputs fit under a few hundred bytes.
- mediumTool `cairo-multisig` accepts unconstrained string input· cairo-multisigunconstrained input
The following string parameter(s) have no `maxLength` constraint: `name`, `quorum`. Unbounded strings let an attacker stuff arbitrary payloads through the tool, including indirect-injection content.
fix: Add a `maxLength` to each string property, or constrain with an `enum` or `pattern`. Most legitimate tool inputs fit under a few hundred bytes.
- mediumTool `cairo-vesting` accepts unconstrained string input· cairo-vestingunconstrained input
The following string parameter(s) have no `maxLength` constraint: `cliffDuration`, `duration`, `name`, `schedule`, `startDate`. Unbounded strings let an attacker stuff arbitrary payloads through the tool, including indirect-injection content.
fix: Add a `maxLength` to each string property, or constrain with an `enum` or `pattern`. Most legitimate tool inputs fit under a few hundred bytes.
- mediumTool `cairo-custom` accepts unconstrained string input· cairo-customunconstrained input
The following string parameter(s) have no `maxLength` constraint: `name`. Unbounded strings let an attacker stuff arbitrary payloads through the tool, including indirect-injection content.
fix: Add a `maxLength` to each string property, or constrain with an `enum` or `pattern`. Most legitimate tool inputs fit under a few hundred bytes.
How this was scored
Source http — live HTTP MCP endpoint, classified against every rule. Findings are emitted by the public capframe.findings.v1 schema. Score = 100 − (10·Critical + 4·High + 2·Medium + 1·Low), clamped to [0, 100].
Disagree with a finding? Open an issue.