From e16d4283c6ac46634ace1585d7bbc8b452e62e50 Mon Sep 17 00:00:00 2001
From: beejak <beejak@users.noreply.github.com>
Date: Wed, 22 Apr 2026 20:16:05 +0530
Subject: [PATCH] docs(everything): warn that get-env may expose secrets

Extend the `get-env` tool description so operators know environment values can include API keys and tokens.

Made-with: Cursor
---
 src/everything/tools/get-env.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/everything/tools/get-env.ts b/src/everything/tools/get-env.ts
index 0adbf5a14d..9ba722d706 100644
--- a/src/everything/tools/get-env.ts
+++ b/src/everything/tools/get-env.ts
@@ -6,7 +6,7 @@ const name = "get-env";
 const config = {
   title: "Print Environment Tool",
   description:
-    "Returns all environment variables, helpful for debugging MCP server configuration",
+    "Returns all environment variables, helpful for debugging MCP server configuration. Warning: values may include secrets (API keys, tokens); only enable this tool in trusted environments.",
   inputSchema: {},
 };