From 7c16055b114a8336810ebeef3326de2084fe1d8d Mon Sep 17 00:00:00 2001
From: John Lee <johnteee@gmail.com>
Date: Thu, 14 May 2026 00:15:25 +0800
Subject: [PATCH] Potential fix for code scanning alert no. 6: Clear-text
 logging of sensitive information

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 teaagent/cli/_handlers/_mcp.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/teaagent/cli/_handlers/_mcp.py b/teaagent/cli/_handlers/_mcp.py
index 83f4fb1..2b57adc 100644
--- a/teaagent/cli/_handlers/_mcp.py
+++ b/teaagent/cli/_handlers/_mcp.py
@@ -44,7 +44,7 @@ def mcp_serve_command(args: argparse.Namespace) -> int:
                 parts = spec.split(':', 2)
                 if len(parts) != 3:
                     print(
-                        f'Invalid --oauth-client format: {spec} (expected ID:SECRET:REDIRECT_URI)',
+                        'Invalid --oauth-client format (expected ID:SECRET:REDIRECT_URI).',
                         file=sys.stderr,
                     )
                     return 1