The MCP server exposes zero shell-execution tools — no execute_shell_cmd, no arbitrary code path. The agent physically cannot escape the security boundary defined by the server.
One-liner pull of a prebuilt Windows VMware DFIR lab VM with all tools native (Volatility3, capa, FLOSS, YARA, oletools, Eric Zimmerman, Chainsaw, Hayabusa, Sleuth Kit, RegRipper, AppCompatProcessor) ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results