mcp-server-time
pypi:mcp-server-time@2026.1.26
Severity breakdown
Worst finding
Tool `get_current_time` accepts unconstrained string input
· get_current_time
The following string parameter(s) have no `maxLength` constraint: `timezone`. Unbounded strings let an attacker stuff arbitrary payloads through the tool, including indirect-injection content.
fix: Add a `maxLength` to each string property, or constrain with an `enum` or `pattern`. Most legitimate tool inputs fit under a few hundred bytes.
All 2 findings
- mediumTool `get_current_time` accepts unconstrained string input· get_current_timeunconstrained input
The following string parameter(s) have no `maxLength` constraint: `timezone`. Unbounded strings let an attacker stuff arbitrary payloads through the tool, including indirect-injection content.
fix: Add a `maxLength` to each string property, or constrain with an `enum` or `pattern`. Most legitimate tool inputs fit under a few hundred bytes.
- mediumTool `convert_time` accepts unconstrained string input· convert_timeunconstrained input
The following string parameter(s) have no `maxLength` constraint: `source_timezone`, `target_timezone`, `time`. Unbounded strings let an attacker stuff arbitrary payloads through the tool, including indirect-injection content.
fix: Add a `maxLength` to each string property, or constrain with an `enum` or `pattern`. Most legitimate tool inputs fit under a few hundred bytes.
How this was scored
Source sandbox — live tools/list captured in an ephemeral Docker container (parameter schemas included → R1/R2/R4 fire). Findings are emitted by the public capframe.findings.v1 schema. Score = 100 − (10·Critical + 4·High + 2·Medium + 1·Low), clamped to [0, 100].
Disagree with a finding? Open an issue.