Technical realization principle
The tool passesos.environ.items()方法扫描系统环境变量,核心检测逻辑封装在get_environment_variables函数中。该函数会:
- 遍历所有环境变量键值对
- 对值进行脱敏处理(只显示前5字符)
典型输出示例
Here are what I could find: PATH /usr/*** HOME /home/***
高级检测配置
开发者可以通过修改返回值处理逻辑来调整检测敏感度:
- 移除值长度限制查看完整数据
- 添加特定变量过滤规则
- 集成到自定义MCP客户端测试框架
This answer comes from the articleOpen source tool for detecting security risks in MCP servicesThe
May not be reproduced without permission:AI productivity tools " How does the mcp-is-dangerous tool detect environment variable leakage risk?
English 
简体中文 
日本語 
Deutsch 
Português do Brasil