ATR-2026-00111criticalPrivilege Escalationexperimental
Shell Metacharacter Injection in Tool Arguments
Detects shell metacharacter injection patterns in tool arguments or agent-generated commands. Attackers embed backtick execution, $() subshells, semicolons, pipes, or logical operators to chain malicious commands onto otherwise safe tool invocations. Null byte and newline injection are also covered as they can truncate or split commands in vulnerable parsers.
嚴重度
critical
類別
Privilege Escalation
掃描目標
mcp
作者
ATR Community
建議回應
block toolalertsnapshot
參考資料
OWASP Agentic
ASI05:2026 - Unexpected Code Execution
更多 Privilege Escalation 規則
ATR-2026-00040criticalPrivilege Escalation and Admin Function AccessATR-2026-00041mediumAgent Scope Creep DetectionATR-2026-00064highOver-Permissioned MCP SkillATR-2026-00107highPrivilege Escalation via Delayed Task Execution BypassATR-2026-00110criticalRemote Code Execution via eval() and Dynamic Code Injection