Additional Improvements to MCP Server Config security #5943
christopherholland-workday wants to merge 1 commit into main from
Conversation
Code Review
The pull request enhances the security of the MCP (Malicious Command Protection) tool by adding more flags and subcommands to the blocklists for npx, node, and docker commands, preventing arbitrary code execution, privilege escalation, and local file access vulnerabilities. Specifically, the changes include blocking:

- npx: --yes and --node-options
- node: -r, --require, --loader, --experimental-loader, --import, and --env-file
- docker: build, compose, --mount, --volumes-from, --device, --entrypoint, and --env-file

Additionally, the regex for Unix absolute paths was updated to correctly identify paths starting with double slashes, preventing path traversal vulnerabilities. New test cases were added to validate these security enhancements.
FLOWISE-296
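The blocklist described in the review summary, written out as an added example that is not Flowise's own code and does not reproduce the PR's diff. It uses the flags and subcommands the summary lists, strips a leading directory from the executable so /usr/local/bin/node hits the same rules as node, normalises --flag=value to --flag, and uses a Unix absolute-path pattern that accepts one or more leading slashes so //etc/passwd is caught. Two things go beyond the page and are assumptions of this example: the -y alias of npx --yes is blocked as well, and the node flags are also rejected when they arrive through NODE_OPTIONS, which node honours in the same way as command-line flags. The weak regex shown in a comment is an illustration of the kind of pattern that misses double slashes, not Flowise's original.

```typescript
// Added example (not Flowise's own code): a blocklist check for MCP server
// command configs built from the flags and subcommands in the PR summary.
// Assumptions beyond the page: the npx "-y" alias and the NODE_OPTIONS check.

interface Verdict {
  allowed: boolean;
  reason?: string;
}

// Flags blocked per executable. Each lets the caller load arbitrary code,
// reach host resources, or read local files through the spawned process.
const BLOCKED_FLAGS: Record<string, readonly string[]> = {
  // --yes auto-installs whatever package is named; --node-options forwards
  // flags such as --require to the node process that npx spawns.
  npx: ['--yes', '-y', '--node-options'],
  // Preload, loader and import hooks run code before the entry script;
  // --env-file reads an arbitrary local file into the environment.
  node: ['-r', '--require', '--loader', '--experimental-loader', '--import', '--env-file'],
  // Host mounts, device passthrough, entrypoint override, local env files.
  docker: ['--mount', '--volumes-from', '--device', '--entrypoint', '--env-file'],
};

// Subcommands blocked per executable (checked on the first positional argument).
const BLOCKED_SUBCOMMANDS: Record<string, readonly string[]> = {
  docker: ['build', 'compose'],
};

// Unix absolute path: one or more leading slashes. A pattern that insists on
// a single slash followed by a non-slash character, e.g. /^\/[^\/]/ (shown
// only as an illustration of the weak form), misses "//etc/passwd", which
// resolves to the same file as "/etc/passwd".
const UNIX_ABS_PATH = /^\/+/;

function isUnixAbsolutePath(p: string): boolean {
  return UNIX_ABS_PATH.test(p);
}

// "--flag=value" is normalised to "--flag"; single-dash flags are compared as-is.
function flagName(arg: string): string {
  return arg.startsWith('--') ? (arg.split('=', 1)[0] ?? arg) : arg;
}

// "/usr/local/bin/node" and "node" must hit the same blocklist.
function baseName(command: string): string {
  const parts = command.split(/[\\/]/);
  return (parts[parts.length - 1] ?? command).toLowerCase();
}

function findBlockedFlag(cmd: string, args: readonly string[]): string | undefined {
  const blocked = BLOCKED_FLAGS[cmd] ?? [];
  return args.map(flagName).find((name) => blocked.includes(name));
}

function checkCommand(
  command: string,
  args: readonly string[],
  env: Record<string, string> = {},
): Verdict {
  const cmd = baseName(command);

  const subcommand = args.find((a) => !a.startsWith('-'));
  if (subcommand !== undefined && (BLOCKED_SUBCOMMANDS[cmd] ?? []).includes(subcommand.toLowerCase())) {
    return { allowed: false, reason: `${cmd} ${subcommand} is not allowed` };
  }

  const flag = findBlockedFlag(cmd, args);
  if (flag !== undefined) {
    return { allowed: false, reason: `flag ${flag} is not allowed for ${cmd}` };
  }

  // Assumption beyond the page: node reads NODE_OPTIONS, so the same flags
  // must be rejected when they arrive through the environment instead of argv.
  if (cmd === 'node' || cmd === 'npx') {
    const opts = env['NODE_OPTIONS'] ?? '';
    const viaEnv = findBlockedFlag('node', opts.split(/\s+/).filter(Boolean));
    if (viaEnv !== undefined) {
      return { allowed: false, reason: `NODE_OPTIONS carries ${viaEnv}` };
    }
  }

  return { allowed: true };
}
```

Call checkCommand with the configured command, its argument array and the env map from the MCP server config; a Verdict with allowed set to false should abort registration of that server. isUnixAbsolutePath is exposed separately because where and how the path check is applied to arguments is not shown on the page.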