What happened
A publicly disclosed gist detailed a command injection vulnerability (CVSS 5.0) in MiniCode's MCP implementation, stemming from unsafe use of Node's child_process.spawn.
Why it matters
Even single-author/niche MCP server implementations are part of the growing MCP ecosystem attack surface; command injection in an MCP tool handler gives an attacker code execution wherever that MCP server is deployed alongside an AI agent.
Attack vector
The mcp.ts file's use of child_process.spawn can be manipulated to achieve command injection; the attack can be launched remotely but requires a high level of complexity.
Affected systems
LiuMengxuan04 MiniCode 0.1.0
Mitigation
No official patch confirmed at disclosure time; sanitize all inputs passed to child_process.spawn and avoid shell interpolation.