Bugfix/Custom MCP Security (#4963)

* - Implemented a validation function to check for banned commands and dangerous patterns. - Added checks for potential shell injection attempts in command and arguments. - Security validation is conditionally enabled based on environment variable CUSTOM_MCP_SECURITY_CHECK. * Enhance security by implementing command and argument validation in SupergatewayMCP. Added checks for banned commands, dangerous patterns, and potential shell injection attempts. Security validation is conditionally enabled based on the CUSTOM_MCP_SECURITY_CHECK environment variable. * add validateMCPServerSecurity
2026-06-29 15:01:11 +03:00 · 2025-07-30 16:44:20 +01:00
parent 498129e9d2
commit e8dac2048f
3 changed files with 423 additions and 15 deletions
@@ -1,7 +1,7 @@
 import { Tool } from '@langchain/core/tools'
 import { ICommonObject, INode, INodeData, INodeOptionsValue, INodeParams } from '../../../../src/Interface'
 import { getNodeModulesPackagePath } from '../../../../src/utils'
-import { MCPToolkit } from '../core'
+import { MCPToolkit, validateMCPServerSecurity } from '../core'

 class Supergateway_MCP implements INode {
    label: string
@@ -90,21 +90,28 @@ class Supergateway_MCP implements INode {
        const _args = nodeData.inputs?.arguments as string
        const packagePath = getNodeModulesPackagePath('supergateway/dist/index.js')

+        const processedArgs = _args
+            .trim()
+            .split(/\s+/)
+            .map((arg) => {
+                // Remove surrounding double or single quotes if they exist
+                if ((arg.startsWith('"') && arg.endsWith('"')) || (arg.startsWith("'") && arg.endsWith("'"))) {
+                    return arg.slice(1, -1)
+                }
+                return arg
+            })
+
        const serverParams = {
            command: 'node',
-            args: [
-                packagePath,
-                ..._args
-                    .trim()
-                    .split(/\s+/)
-                    .map((arg) => {
-                        // Remove surrounding double or single quotes if they exist
-                        if ((arg.startsWith('"') && arg.endsWith('"')) || (arg.startsWith("'") && arg.endsWith("'"))) {
-                            return arg.slice(1, -1)
-                        }
-                        return arg
-                    })
-            ]
+            args: [packagePath, ...processedArgs]
+        }
+
+        if (process.env.CUSTOM_MCP_SECURITY_CHECK === 'true') {
+            try {
+                validateMCPServerSecurity(serverParams)
+            } catch (error) {
+                throw new Error(`Security validation failed: ${error.message}`)
+            }
        }

        const toolkit = new MCPToolkit(serverParams, 'stdio')