ATR-2026-00110 (critical, Privilege Escalation, experimental)
Remote Code Execution via eval() and Dynamic Code Injection
Detects tools or agent instructions that invoke eval(), Function(), vm.runInNewContext(), or similar dynamic code execution primitives. These functions allow arbitrary code execution within the agent runtime, enabling an attacker to break out of sandboxed tool contexts, access the host process, or pivot to child_process for full system compromise.
Severity
critical
Category
Privilege Escalation
Scan target
mcp
Author
ATR Community
Recommended response
block tool, alert, snapshot
References
OWASP Agentic
ASI05:2026 - Unexpected Code Execution
More Privilege Escalation rules
ATR-2026-00040 (critical): Privilege Escalation and Admin Function Access
ATR-2026-00041 (medium): Agent Scope Creep Detection
ATR-2026-00064 (high): Over-Permissioned MCP Skill
ATR-2026-00107 (high): Privilege Escalation via Delayed Task Execution Bypass
ATR-2026-00111 (critical): Shell Metacharacter Injection in Tool Arguments