Tp4
High
- Category
- MCP Tool Poisoning
- Confidence
- 94% confidence
- Finding
- The documented behavior promises a straightforward text transformation, but the analyzed behavior indicates it may read arbitrary file paths and mishandle stdin by treating input text as a filename. That mismatch is dangerous because callers may trust it in automated workflows, leading to unintended file access, failed processing, or modification of the wrong target while believing it is operating only on provided text content.
