mcp-server-ccxt

Security Findings (13)

• HighInsecure Secret Handling ×11

  • account-balance:input parameter "apiKey" appears to accept a secret or credential
  • account-balance:input parameter "secret" appears to accept a secret or credential
  • place-market-order:input parameter "secret" appears to accept a secret or credential
  • place-market-order:input parameter "apiKey" appears to accept a secret or credential
  • set-leverage:input parameter "apiKey" appears to accept a secret or credential
  • set-leverage:input parameter "secret" appears to accept a secret or credential
  • set-margin-mode:input parameter "apiKey" appears to accept a secret or credential
  • set-margin-mode:input parameter "secret" appears to accept a secret or credential
  • place-futures-market-order:input parameter "secret" appears to accept a secret or credential
  • place-futures-market-order:input parameter "apiKey" appears to accept a secret or credential
  • set-proxy-config:input parameter "password" appears to accept a secret or credential

  Rule: AS-010Fix: Avoid accepting raw credentials as input parameters. Use secret managers (e.g. 1Password CLI, AWS Secrets Manager) and ensure credentials are never logged or stored in agent traces.
• HighExcessive Permission Surface

  set-proxy-config:tool declares network permission

  Rule: AS-002Fix: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.
• LowDoS Resilience — Missing Rate Limit / Timeout

  set-proxy-config:tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

  Rule: AS-011Fix: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.