MCP Watch has a Critical Command Injection in cloneRepo allows Remote Code Execution (RCE) via malicious URL
The MCPScanner class contains a critical Command Injection vulnerability in the cloneRepo method. The application passes the user-supplied githubUrl argument directly to a system shell via execSync without sanitization. This allows an attacker to execute arbitrary commands on the host machine by appending shell metacharacters to the URL.