| Version | Supported |
|---|---|
| 0.1.x | ✅ |
If you discover a security vulnerability in this project, please follow these steps:
- DO NOT open a public issue
- Email the details to the project maintainer (see CODE_OF_CONDUCT.md for contact)
- Include:
  - Description of the vulnerability
  - Steps to reproduce
  - Potential impact
  - Suggested fix (if any)
When using this chatbot with MCP servers:
- Store sensitive credentials in environment variables, not in code
- Use `.env` files for local development (never commit these)
- OAuth tokens are stored in `.mcp_tokens/` - ensure this directory is gitignored
- Always validate input in MCP servers
- Implement path restrictions for filesystem operations
- Use authentication for production MCP servers
- Limit tool permissions to what's necessary
- Use HTTPS for HTTP/SSE transports in production
- Verify SSL certificates
- Be cautious with self-signed certificates
The example servers in examples/mcp-servers/ are for demonstration only:
- The filesystem server has basic path validation but should be enhanced for production
- The weather server uses mock data and is safe
- The OAuth servers use test credentials - replace for production use
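As an added example (not code from this project), the following shows the kind of path restriction the filesystem server notes above call for: every requested path is resolved against a fixed root, with `..` segments, absolute paths and symlinks all handled before the containment check, so a link inside the root cannot be used to read files outside it. The `resolve_within_root` and `demo_root` names and the constructed sandbox layout are assumptions made for this demonstration.

```python
"""Path-restriction check for an MCP filesystem tool (added example, not project code)."""
from __future__ import annotations

import tempfile
from pathlib import Path


class PathOutsideRoot(ValueError):
    """Raised when a requested path escapes the allowed root."""


def resolve_within_root(root: str | Path, requested: str) -> Path:
    """Return the real path for `requested`, guaranteed to live under `root`.

    Absolute paths are rejected outright; `..` segments and symlinks are
    resolved (realpath semantics) before the containment check.
    """
    if Path(requested).is_absolute():
        raise PathOutsideRoot(f"absolute paths are not allowed: {requested!r}")
    root_real = Path(root).resolve(strict=True)
    candidate = (root_real / requested).resolve(strict=False)
    try:
        candidate.relative_to(root_real)  # raises ValueError if not under root
    except ValueError:
        raise PathOutsideRoot(f"{requested!r} resolves outside {root_real}") from None
    return candidate


def is_allowed(root: str | Path, requested: str) -> bool:
    """Boolean form of the check, convenient for tool handlers and tests."""
    try:
        resolve_within_root(root, requested)
        return True
    except PathOutsideRoot:
        return False


def demo_root() -> Path:
    """Constructed sandbox: root/notes.txt plus a symlink that escapes the root."""
    base = Path(tempfile.mkdtemp())
    root = base / "allowed"
    root.mkdir()
    (root / "notes.txt").write_text("hello")
    (base / "secret.txt").write_text("do not expose")
    (root / "escape").symlink_to(base / "secret.txt")  # symlink pointing outside root
    return root


if __name__ == "__main__":
    sandbox = demo_root()
    for req in ["notes.txt", "sub/../notes.txt", "../secret.txt", "/etc/passwd", "escape"]:
        print(f"{req:>18}: {'allowed' if is_allowed(sandbox, req) else 'REJECTED'}")
```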
- Environment Variables: Use `${VAR_NAME}` syntax in MCP config for secrets
- File Permissions: Restrict access to `.mcp_tokens/` and `.env` files
- Input Validation: Always validate and sanitize user input in MCP servers
- Least Privilege: Grant minimal necessary permissions to MCP tools
- Audit Logging: Log MCP tool usage for security monitoring