info ATLAS: Poison Training Data (AML.T0020) atlas_annotator · 100%
low Tool 'list_genkit_docs' has no annotations annotation_checker · 100%
low Tool 'search_genkit_docs' has no annotations annotation_checker · 100%
low Tool 'read_genkit_docs' has no annotations annotation_checker · 100%
low Tool 'get_trace' has no annotations annotation_checker · 100%
critical Tool poisoning in 'get_usage_guide': Directive language: 'always' poisoning · 85%
critical Tool poisoning in 'get_usage_guide': Cross-tool sequencing directive poisoning · 85%
critical Tool poisoning in 'read_genkit_docs': Directive language: 'you must' poisoning · 85%
medium OAuth implementation without PKCE auth_checker · 75%
medium Permission: network access detected permission_analyzer · 90%
low Permission: filesystem access detected permission_analyzer · 90%
high Permission: shell access detected permission_analyzer · 95%
low Permission: env_vars access detected permission_analyzer · 90%
medium Excessive dependency count: 963 direct dependencies dependency_analyzer · 90%
info OSV.dev API query failed dependency_analyzer · 100%
high Hardcoded Password found in js/plugins/cloud-sql-pg/README.md secret_scanner · 65%
high Generic API Key Assignment found in genkit-tools/common/src/utils/analytics.ts secret_scanner · 75%
medium High-entropy string (6.02 bits/char) in go/plugins/googlegenai/gemini_test.go:692 entropy_analyzer · 55%
medium High-entropy string (6.02 bits/char) in go/plugins/googlegenai/gemini_test.go:727 entropy_analyzer · 55%
medium Buffer.from base64 in js/plugins/firebase/src/context.ts:373 entropy_analyzer · 75%
info SLSA Build Level 3 detected slsa_assessor · 85%
high High-risk OAuth scope: https://www.googleapis.com/auth/cloud-platform oauth_scope_analyzer · 80%
info Could not connect to MCP server for output poisoning scan output_poisoning · 100%
info Could not connect to MCP server for behavioral verification behavioral_verifier · 100%
info SBOM generated: 2346 components sbom_generator · 100%
info MITRE ATLAS technique coverage summary atlas_annotator · 100%
info package.json metadata manifest_parser · 100%
info pyproject.toml metadata manifest_parser · 100%
info Tool: truth manifest_parser · 75%
info Tool: resumable manifest_parser · 75%
info Tool: add manifest_parser · 75%
info Tool: test_http manifest_parser · 70%
info Tool: lookupUsers manifest_parser · 75%
info Tool: math/add manifest_parser · 75%
info Tool: math/subtract manifest_parser · 75%
info Tool: tellAFunnyJoke manifest_parser · 75%
info Tool: jokeSubjectGenerator manifest_parser · 75%
info Tool: gablorkenTool manifest_parser · 75%
info Tool: characterGenerator manifest_parser · 75%
info Tool: exitTool manifest_parser · 75%
info Tool: getColor manifest_parser · 75%
info Tool: transferMoney manifest_parser · 75%
info Tool: getWeather manifest_parser · 75%
info Tool: getTime manifest_parser · 75%
info Tool: getSomePreformattedText manifest_parser · 75%
info Tool: getSomeMarkdown manifest_parser · 75%
info Tool: fetchCatalog manifest_parser · 75%
info Tool: searchCatalog manifest_parser · 75%
info Tool: fetchMostPopularItems manifest_parser · 75%
info Tool: processPayment manifest_parser · 75%
info Tool: getStoreInfo manifest_parser · 75%
info Tool: getProductDetails manifest_parser · 75%
info Tool: todaysMenu manifest_parser · 75%
info Tool: someListFilesTool manifest_parser · 75%
info Tool: celsiusToFahrenheit manifest_parser · 75%
info Tool: screenshot manifest_parser · 75%
info Tool: toolA manifest_parser · 75%
info Tool: toolB manifest_parser · 75%
info Tool: testTool manifest_parser · 75%
info Tool: dynamicTestTool1 manifest_parser · 75%
info Tool: dynamicMultipartTool manifest_parser · 75%
info Tool: simpleTool manifest_parser · 75%
info Tool: interruptingTool manifest_parser · 75%
info Tool: resumableTool manifest_parser · 75%
info Tool: good_tool manifest_parser · 75%
info Tool: bad_tool manifest_parser · 75%
info Tool: bad_tool_approved manifest_parser · 75%
info Tool: ${params.serverName}/${tool.name} manifest_parser · 75%
info Tool: ${options.name}/${tool.name} manifest_parser · 75%
info Tool: get_weather manifest_parser · 75%
info Tool: echoTool manifest_parser · 75%
info Tool: get_current_weather manifest_parser · 75%
info Tool: fooz manifest_parser · 75%
info Tool: test manifest_parser · 75%
info Tool: test_meta manifest_parser · 75%
info Tool: dynamic manifest_parser · 75%
info Tool: regular manifest_parser · 75%
info Tool: multipart manifest_parser · 75%
info Tool: interruptTool manifest_parser · 75%
info Tool: test/tool manifest_parser · 75%
info Tool: other/tool manifest_parser · 75%
info Tool: test/tool1 manifest_parser · 75%
info Tool: other/tool2 manifest_parser · 75%
info Tool: mockTool manifest_parser · 75%
info Tool: middlewareTool manifest_parser · 75%
info Tool: injectedTool manifest_parser · 75%
info Tool: namespaced/add manifest_parser · 75%
info Tool: multiTool manifest_parser · 75%
info Tool: fallbackTool manifest_parser · 75%
info Tool: menuLookupTool manifest_parser · 75%
info Tool: reservationTool manifest_parser · 75%
info Tool: reservationAgent manifest_parser · 75%
info Tool: weatherTool manifest_parser · 75%
info Tool: datePicker manifest_parser · 75%
info Tool: searchEvents manifest_parser · 75%
info Tool: reportAbsence manifest_parser · 75%
info Tool: reportTardy manifest_parser · 75%
info Tool: upcomingHolidays manifest_parser · 75%
info Tool: getRecentGrades manifest_parser · 75%
info Tool: get_usage_guide manifest_parser · 85%
info Tool: list_flows manifest_parser · 85%
info Tool: run_flow manifest_parser · 85%
info Tool: start_runtime manifest_parser · 85%
info Tool: list_genkit_docs manifest_parser · 85%
info Tool: search_genkit_docs manifest_parser · 85%
info Tool: read_genkit_docs manifest_parser · 85%
info Tool: get_trace manifest_parser · 85%
info Transport: streamable-http manifest_parser · 80%
info Required env vars (63) manifest_parser · 80%
low Tool 'add' has no annotations annotation_checker · 100%
low Tool 'test_http' has no annotations annotation_checker · 100%
low Tool 'lookupUsers' has no annotations annotation_checker · 100%
low Tool 'math/add' has no annotations annotation_checker · 100%
low Tool 'math/subtract' has no annotations annotation_checker · 100%
low Tool 'tellAFunnyJoke' has no annotations annotation_checker · 100%
low Tool 'jokeSubjectGenerator' has no annotations annotation_checker · 100%
low Tool 'gablorkenTool' has no annotations annotation_checker · 100%
low Tool 'characterGenerator' has no annotations annotation_checker · 100%
low Tool 'exitTool' has no annotations annotation_checker · 100%
low Tool 'getColor' has no annotations annotation_checker · 100%
low Tool 'transferMoney' has no annotations annotation_checker · 100%
low Tool 'getWeather' has no annotations annotation_checker · 100%
low Tool 'getTime' has no annotations annotation_checker · 100%
low Tool 'getSomePreformattedText' has no annotations annotation_checker · 100%
low Tool 'getSomeMarkdown' has no annotations annotation_checker · 100%
low Tool 'fetchCatalog' has no annotations annotation_checker · 100%
low Tool 'searchCatalog' has no annotations annotation_checker · 100%
low Tool 'fetchMostPopularItems' has no annotations annotation_checker · 100%
low Tool 'processPayment' has no annotations annotation_checker · 100%
low Tool 'getStoreInfo' has no annotations annotation_checker · 100%
low Tool 'getProductDetails' has no annotations annotation_checker · 100%
low Tool 'todaysMenu' has no annotations annotation_checker · 100%
low Tool 'someListFilesTool' has no annotations annotation_checker · 100%
low Tool 'celsiusToFahrenheit' has no annotations annotation_checker · 100%
low Tool 'screenshot' has no annotations annotation_checker · 100%
low Tool 'toolA' has no annotations annotation_checker · 100%
low Tool 'toolB' has no annotations annotation_checker · 100%
low Tool 'testTool' has no annotations annotation_checker · 100%
low Tool 'dynamicTestTool1' has no annotations annotation_checker · 100%
low Tool 'test/tool' has no annotations annotation_checker · 100%
low Tool 'dynamicMultipartTool' has no annotations annotation_checker · 100%
low Tool 'simpleTool' has no annotations annotation_checker · 100%
low Tool 'interruptingTool' has no annotations annotation_checker · 100%
low Tool 'resumableTool' has no annotations annotation_checker · 100%
low Tool 'truth' has no annotations annotation_checker · 100%
low Tool 'resumable' has no annotations annotation_checker · 100%
low Tool 'good_tool' has no annotations annotation_checker · 100%
low Tool 'bad_tool' has no annotations annotation_checker · 100%
low Tool 'bad_tool_approved' has no annotations annotation_checker · 100%
low Tool '${params.serverName}/${tool.name}' has no annotations annotation_checker · 100%
low Tool '${options.name}/${tool.name}' has no annotations annotation_checker · 100%
low Tool 'get_weather' has no annotations annotation_checker · 100%
low Tool 'echoTool' has no annotations annotation_checker · 100%
low Tool 'get_current_weather' has no annotations annotation_checker · 100%
low Tool 'fooz' has no annotations annotation_checker · 100%
low Tool 'test' has no annotations annotation_checker · 100%
low Tool 'test_meta' has no annotations annotation_checker · 100%
low Tool 'dynamic' has no annotations annotation_checker · 100%
low Tool 'regular' has no annotations annotation_checker · 100%
low Tool 'multipart' has no annotations annotation_checker · 100%
low Tool 'interruptTool' has no annotations annotation_checker · 100%
low Tool 'other/tool' has no annotations annotation_checker · 100%
low Tool 'test/tool1' has no annotations annotation_checker · 100%
low Tool 'other/tool2' has no annotations annotation_checker · 100%
low Tool 'mockTool' has no annotations annotation_checker · 100%
low Tool 'middlewareTool' has no annotations annotation_checker · 100%
low Tool 'injectedTool' has no annotations annotation_checker · 100%
low Tool 'namespaced/add' has no annotations annotation_checker · 100%
low Tool 'multiTool' has no annotations annotation_checker · 100%
low Tool 'fallbackTool' has no annotations annotation_checker · 100%
low Tool 'menuLookupTool' has no annotations annotation_checker · 100%
low Tool 'reservationTool' has no annotations annotation_checker · 100%
low Tool 'reservationAgent' has no annotations annotation_checker · 100%
low Tool 'weatherTool' has no annotations annotation_checker · 100%
low Tool 'datePicker' has no annotations annotation_checker · 100%
low Tool 'searchEvents' has no annotations annotation_checker · 100%
low Tool 'reportAbsence' has no annotations annotation_checker · 100%
low Tool 'reportTardy' has no annotations annotation_checker · 100%
low Tool 'upcomingHolidays' has no annotations annotation_checker · 100%
low Tool 'getRecentGrades' has no annotations annotation_checker · 100%
low Tool 'get_usage_guide' has no annotations annotation_checker · 100%
low Tool 'list_flows' has no annotations annotation_checker · 100%
low Tool 'run_flow' has no annotations annotation_checker · 100%
low Tool 'start_runtime' has no annotations annotation_checker · 100%
info pyproject.toml metadata manifest_parser · 100%
info Tool: test_http manifest_parser · 70%
info Transport: streamable-http manifest_parser · 80%
info Required env vars (56) manifest_parser · 80%
low Tool 'test_http' has no annotations annotation_checker · 100%
medium OAuth implementation without PKCE auth_checker · 75%
medium Permission: network access detected permission_analyzer · 90%
low Permission: filesystem access detected permission_analyzer · 90%
high Permission: shell access detected permission_analyzer · 95%
low Permission: env_vars access detected permission_analyzer · 90%
medium Excessive dependency count: 947 direct dependencies dependency_analyzer · 90%
info OSV.dev API query failed dependency_analyzer · 100%
high Hardcoded Password found in js/plugins/cloud-sql-pg/README.md secret_scanner · 65%
high Generic API Key Assignment found in genkit-tools/common/src/utils/analytics.ts secret_scanner · 75%
medium High-entropy string (6.02 bits/char) in go/plugins/googlegenai/gemini_test.go:692 entropy_analyzer · 55%
medium High-entropy string (6.02 bits/char) in go/plugins/googlegenai/gemini_test.go:727 entropy_analyzer · 55%
medium Buffer.from base64 in js/plugins/firebase/src/context.ts:373 entropy_analyzer · 75%
info SLSA Build Level 3 detected slsa_assessor · 85%
high High-risk OAuth scope: https://www.googleapis.com/auth/cloud-platform oauth_scope_analyzer · 80%
info Could not connect to MCP server for output poisoning scan output_poisoning · 100%
info Could not connect to MCP server for behavioral verification behavioral_verifier · 100%
info SBOM generated: 2329 components sbom_generator · 100%
info MITRE ATLAS technique coverage summary atlas_annotator · 100%
info ATLAS: Poison Training Data (AML.T0020) atlas_annotator · 100%
info package.json metadata manifest_parser · 100%