Direct usage of child_process module methods with variable arguments may allow command injection.
const { execSync } = require('child_process');
Use execFile with explicit argument arrays instead of passing command strings to child_process methods.
Requests targeting 127.0.0.1, localhost, or [::1] may access internal services not intended to be exposed.
sse: `http://localhost:${port}/sse`,
Block requests to localhost and loopback addresses. Implement URL validation that rejects 127.x.x.x and ::1.
HTTP endpoints defined without authentication middleware may be accessible to unauthorized users.
app.get('/sse', (req, res) => handleSseConnection('/sse', '/messages', req, res));
Add authentication middleware to all routes that access or modify data.
File system operations using variables without prior path validation or sanitization may allow traversal attacks.
fs.mkdirSync(logDir, { recursive: true });
Add path sanitization before all fs operations. Validate paths against an allowlist of permitted directories.
HTML comments in tool descriptions may contain hidden instructions intended to influence LLM reasoning.
output = output.slice(0, maxLength) + '\n<!-- Output truncated due to size limits -->';
Remove HTML comments from description strings. Use source code comments instead.
Direct usage of child_process module methods with variable arguments may allow command injection.
import { spawn } from 'child_process';
Use execFile with explicit argument arrays instead of passing command strings to child_process methods.
Requests targeting 127.0.0.1, localhost, or [::1] may access internal services not intended to be exposed.
messages: `http://localhost:${port}/messages`,
Block requests to localhost and loopback addresses. Implement URL validation that rejects 127.x.x.x and ::1.
Requests targeting 127.0.0.1, localhost, or [::1] may access internal services not intended to be exposed.
mcp: `http://localhost:${port}/mcp`,
Block requests to localhost and loopback addresses. Implement URL validation that rejects 127.x.x.x and ::1.
Requests targeting 127.0.0.1, localhost, or [::1] may access internal services not intended to be exposed.
health: `http://localhost:${port}/health`,
Block requests to localhost and loopback addresses. Implement URL validation that rejects 127.x.x.x and ::1.
Requests targeting 127.0.0.1, localhost, or [::1] may access internal services not intended to be exposed.
"url": "http://localhost:${port}/mcp",
Block requests to localhost and loopback addresses. Implement URL validation that rejects 127.x.x.x and ::1.
Requests targeting 127.0.0.1, localhost, or [::1] may access internal services not intended to be exposed.
"url": "http://localhost:8931/mcp",
Block requests to localhost and loopback addresses. Implement URL validation that rejects 127.x.x.x and ::1.
HTTP endpoints defined without authentication middleware may be accessible to unauthorized users.
app.post('/messages', (req, res) => handlePostMessage('/messages', req, res));
Add authentication middleware to all routes that access or modify data.
HTTP endpoints defined without authentication middleware may be accessible to unauthorized users.
app.get('/mcp', (req, res) => handleSseConnection('/mcp', '/mcp', req, res));
Add authentication middleware to all routes that access or modify data.
HTTP endpoints defined without authentication middleware may be accessible to unauthorized users.
app.post('/mcp', (req, res) => handlePostMessage('/mcp', req, res));
Add authentication middleware to all routes that access or modify data.
HTTP endpoints defined without authentication middleware may be accessible to unauthorized users.
app.get('/health', (req, res) => {
Add authentication middleware to all routes that access or modify data.
HTTP endpoints defined without authentication middleware may be accessible to unauthorized users.
this.app.get('/health', (req: Request, res: Response) => {
Add authentication middleware to all routes that access or modify data.
HTTP endpoints defined without authentication middleware may be accessible to unauthorized users.
this.app.get('/metrics', (req: Request, res: Response) => {
Add authentication middleware to all routes that access or modify data.
HTTP endpoints defined without authentication middleware may be accessible to unauthorized users.
this.app.get('/ready', (req: Request, res: Response) => {
Add authentication middleware to all routes that access or modify data.
File system operations using variables without prior path validation or sanitization may allow traversal attacks.
fs.unlinkSync(oldFile); // Delete oldest file
Add path sanitization before all fs operations. Validate paths against an allowlist of permitted directories.
Using path.join or path.resolve with variables from user input without validation can lead to directory traversal.
path: path.resolve(args.outputPath || '.', filename),
Sanitize user input before passing to path.join/resolve. Use path.normalize() and check for '..' sequences.
File system operations using variables without prior path validation or sanitization may allow traversal attacks.
fs.mkdirSync(downloadsDir, { recursive: true });
Add path sanitization before all fs operations. Validate paths against an allowlist of permitted directories.