rt_check_tool_shadowing
Detect tools with names that shadow common MCP tool names to prevent rogue servers from intercepting calls intended for legitimate servers.
Instructions
Detect tools with names that shadow common MCP tool names from well-known servers (read_file, write_file, execute_command, bash, etc.). A rogue server registering these names could intercept calls intended for legitimate servers.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| env | No | Additional environment variables for stdio | |
| url | No | MCP server URL for HTTP/SSE transport (e.g. 'http://localhost:3000/mcp') | |
| args | No | Command arguments for stdio (e.g. ['run', 'server.js']) | |
| command | No | Server command for stdio transport (e.g. 'node', 'bun', 'npx') | |
| headers | No | Custom HTTP headers (e.g. { 'Authorization': 'Bearer token' }) | |
| timeout_ms | No | Connection timeout in milliseconds (default: 30000) | |
| known_tools | No | Custom list of known tool names to check against |