MCP Scanner
92A

gemini-vision-mcp

Artin0123/gemini-image-mcp-server

12 files · 3 findings

3 high

Tool Poisoning: clean
Command Injection: clean
Path Traversal: clean
SSRF: 1 issue
Credential Theft: 2 issues
Excessive Permissions: clean
Missing Auth: clean
Supply Chain: clean
Rug Pull: clean
Data Exfiltration: clean

SSRF (1 issue)

HTTP request with unvalidated URL parameter

high

Passing user-controlled variables directly to fetch, axios, or http.get without URL validation enables SSRF attacks.

src/gemini-media.ts:145
const response = await fetch(source.data);
How to fix

Validate and sanitize all URLs before making HTTP requests. Use an allowlist of permitted domains.

Credential Theft (2 issues)

Dot-notation access to sensitive env vars

high

Accessing process.env properties like API_KEY, SECRET, TOKEN, or PASSWORD via dot notation may indicate credential harvesting.

src/index.ts:99
normalizedConfig.geminiApiKey ?? process.env.GEMINI_API_KEY?.trim();
How to fix

Avoid accessing sensitive env vars directly. Use a configuration module that validates and restricts access.


Dot-notation access to sensitive env vars

high

Accessing process.env properties like API_KEY, SECRET, TOKEN, or PASSWORD via dot notation may indicate credential harvesting.

src/index.ts:251
const envApiKey = process.env.GEMINI_API_KEY?.trim();
How to fix

Avoid accessing sensitive env vars directly. Use a configuration module that validates and restricts access.