feat: enhance security measures for MCP server interactions

- Restricted CORS to localhost origins to prevent remote code execution (RCE) attacks. - Updated MCP server configuration handling to enforce security warnings when adding or importing servers. - Introduced a SecurityWarningDialog to inform users about potential risks associated with server commands and configurations. - Ensured that only serverId is accepted for testing server connections, preventing arbitrary command execution. These changes improve the overall security posture of the MCP server management and usage.
2026-02-02 20:43:36 +00:00 · 2025-12-28 22:38:29 -05:00
parent 3c719f05a1
commit 0e1e855cc5
13 changed files with 310 additions and 89 deletions
--- a/apps/server/src/routes/mcp/routes/list-tools.ts
+++ b/apps/server/src/routes/mcp/routes/list-tools.ts
@@ -4,21 +4,22 @@
 * Lists available tools for an MCP server.
 * Similar to test but focused on tool discovery.
 *
+ * SECURITY: Only accepts serverId to look up saved configs. Does NOT accept
+ * arbitrary serverConfig to prevent drive-by command execution attacks.
+ * Users must explicitly save a server config through the UI before testing.
+ *
 * Request body:
 *   { serverId: string } - Get tools by server ID from settings
- *   OR { serverConfig: MCPServerConfig } - Get tools with provided config
 *
 * Response: { success: boolean, tools?: MCPToolInfo[], error?: string }
 */

 import type { Request, Response } from 'express';
 import type { MCPTestService } from '../../../services/mcp-test-service.js';
-import type { MCPServerConfig } from '@automaker/types';
 import { getErrorMessage, logError } from '../common.js';

 interface ListToolsRequest {
-  serverId?: string;
-  serverConfig?: MCPServerConfig;
+  serverId: string;
 }

 /**
@@ -29,18 +30,15 @@ export function createListToolsHandler(mcpTestService: MCPTestService) {
    try {
      const body = req.body as ListToolsRequest;

-      if (!body.serverId && !body.serverConfig) {
+      if (!body.serverId || typeof body.serverId !== 'string') {
        res.status(400).json({
          success: false,
-          error: 'Either serverId or serverConfig is required',
+          error: 'serverId is required',
        });
        return;
      }

-      // At this point, we know at least one of serverId or serverConfig is truthy
-      const result = body.serverId
-        ? await mcpTestService.testServerById(body.serverId)
-        : await mcpTestService.testServer(body.serverConfig!);
+      const result = await mcpTestService.testServerById(body.serverId);

      // Return only tool-related information
      res.json({
--- a/apps/server/src/routes/mcp/routes/test-server.ts
+++ b/apps/server/src/routes/mcp/routes/test-server.ts
@@ -2,23 +2,23 @@
 * POST /api/mcp/test - Test MCP server connection and list tools
 *
 * Tests connection to an MCP server and returns available tools.
- * Accepts either a serverId to look up config, or a full server config.
+ *
+ * SECURITY: Only accepts serverId to look up saved configs. Does NOT accept
+ * arbitrary serverConfig to prevent drive-by command execution attacks.
+ * Users must explicitly save a server config through the UI before testing.
 *
 * Request body:
 *   { serverId: string } - Test server by ID from settings
- *   OR { serverConfig: MCPServerConfig } - Test with provided config
 *
 * Response: { success: boolean, tools?: MCPToolInfo[], error?: string, connectionTime?: number }
 */

 import type { Request, Response } from 'express';
 import type { MCPTestService } from '../../../services/mcp-test-service.js';
-import type { MCPServerConfig } from '@automaker/types';
 import { getErrorMessage, logError } from '../common.js';

 interface TestServerRequest {
-  serverId?: string;
-  serverConfig?: MCPServerConfig;
+  serverId: string;
 }

 /**
@@ -29,19 +29,15 @@ export function createTestServerHandler(mcpTestService: MCPTestService) {
    try {
      const body = req.body as TestServerRequest;

-      if (!body.serverId && !body.serverConfig) {
+      if (!body.serverId || typeof body.serverId !== 'string') {
        res.status(400).json({
          success: false,
-          error: 'Either serverId or serverConfig is required',
+          error: 'serverId is required',
        });
        return;
      }

-      // At this point, we know at least one of serverId or serverConfig is truthy
-      const result = body.serverId
-        ? await mcpTestService.testServerById(body.serverId)
-        : await mcpTestService.testServer(body.serverConfig!);
-
+      const result = await mcpTestService.testServerById(body.serverId);
      res.json(result);
    } catch (error) {
      logError(error, 'Test server failed');