Context window optimization for AI coding agents. Sandboxes tool output, 98% reduction. 14 platforms
| Field | Value |
|---|---|
| Grade | D |
| Risk Score | 65 |
| Version | 1.0.75 |
| Vendor | mksglu |
| Stars | ⭐ 11522 |
| npm Package | context-mode |
| npm Downloads (30d) | 49.2k |
| Language | TypeScript |
| Source | context-mode |
| Scan Date | 2026-05-01 |
| Scanner | tooltrust-scanner/v0.3.9 |
| Severity | Count |
|---|---|
| Critical | 2 |
| High | 9 |
| Medium | 6 |
| Low | 7 |
| Info | 0 |
Severity: Medium
Description: tool declares fs permission
Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.
Severity: High
Description: tool declares network permission
Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.
Severity: High
Description: tool declares exec permission
Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.
Severity: Low
Description: tool declares http permission
Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.
Severity: Critical
Description: tool name or description implies arbitrary script/code execution (evaluate_script, execute javascript, etc.)
Recommendation: This tool can execute arbitrary code or shell commands on the host system. Remove it unless strictly required. If kept: (1) restrict access to trusted users/agents only, (2) require human approval before each invocation (Claude Desktop: set approval_required: true; other clients: enable equivalent confirmation), (3) use the most restrictive sandbox or read-only mode available, and (4) never expose this tool to untrusted input sources.
Severity: Medium
Description: tool declares fs permission
Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.
Severity: Medium
Description: tool declares fs permission
Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.
Severity: High
Description: tool declares exec permission
Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.
Severity: Medium
Description: tool declares db permission
Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.
Severity: Low
Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration
Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.
Severity: Medium
Description: tool declares fs permission
Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.
Severity: High
Description: tool declares network permission
Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.
Severity: High
Description: tool declares exec permission
Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.
Severity: Medium
Description: tool declares db permission
Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.
Severity: Low
Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration
Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.
Severity: High
Description: tool declares network permission
Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.
Severity: Low
Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration
Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.
Severity: High
Description: tool declares exec permission
Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.
Severity: Critical
Description: tool name or description implies arbitrary script/code execution (evaluate_script, execute javascript, etc.)
Recommendation: This tool can execute arbitrary code or shell commands on the host system. Remove it unless strictly required. If kept: (1) restrict access to trusted users/agents only, (2) require human approval before each invocation (Claude Desktop: set approval_required: true; other clients: enable equivalent confirmation), (3) use the most restrictive sandbox or read-only mode available, and (4) never expose this tool to untrusted input sources.
Severity: High
Description: tool declares exec permission
Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.
Severity: Low
Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration
Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.
Severity: High
Description: tool declares exec permission
Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.
Severity: Low
Description: tool declares http permission
Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.
Severity: Low
Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration
Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.
Scored using ToolTrust methodology · Raw JSON report