wraith

History

Vantz Stockwell 17973fc3dc fix: SEC-1/SEC-2 shell escape utility + MCP bearer token auth - New shell_escape() utility for safe command interpolation - Applied across all MCP tools, docker, scanner, network commands - MCP server generates random bearer token at startup - Token written to mcp-token file with 0600 permissions - All MCP HTTP requests require Authorization header - Bridge binary reads token and sends on every request Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-29 16:40:13 -04:00
..
wraith_mcp_bridge.rs	fix: SEC-1/SEC-2 shell escape utility + MCP bearer token auth	2026-03-29 16:40:13 -04:00

Vantz Stockwell 17973fc3dc fix: SEC-1/SEC-2 shell escape utility + MCP bearer token auth

- New shell_escape() utility for safe command interpolation
- Applied across all MCP tools, docker, scanner, network commands
- MCP server generates random bearer token at startup
- Token written to mcp-token file with 0600 permissions
- All MCP HTTP requests require Authorization header
- Bridge binary reads token and sends on every request

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-03-29 16:40:13 -04:00

wraith_mcp_bridge.rs

fix: SEC-1/SEC-2 shell escape utility + MCP bearer token auth

2026-03-29 16:40:13 -04:00