
aks-mcp

Verified Safe

by Azure

Overview

Enables AI assistants to interact with Azure Kubernetes Service (AKS) clusters by translating natural language requests into AKS operations.

Installation

Run Command
docker run -i --rm ghcr.io/azure/aks-mcp:latest --transport stdio

Environment Variables

  • AZURE_TENANT_ID
  • AZURE_CLIENT_ID
  • AZURE_CLIENT_SECRET
  • AZURE_FEDERATED_TOKEN_FILE
  • AZURE_SUBSCRIPTION_ID
  • AZURE_MANAGED_IDENTITY
  • AKS_MCP_COLLECT_TELEMETRY
  • APPLICATIONINSIGHTS_INSTRUMENTATION_KEY
  • USE_LEGACY_TOOLS
  • DISABLE_CACHE

Security Notes

The project demonstrates a strong focus on security. It implements three-tier access control (readonly, readwrite, admin), robust command injection protection using `shlex.Split` and explicit command validation (e.g., restricting binaries to `az`), and secure Azure authentication methods (Service Principal, Managed Identity, Federated Token) with strict path validation for sensitive files. Its Helm charts enforce read-only root filesystems and least-privilege RBAC in Kubernetes deployments. OAuth 2.1 integration with Azure AD includes PKCE, JWT validation, and configurable CORS/redirects. Telemetry includes an opt-out mechanism (`AKS_MCP_COLLECT_TELEMETRY=false`) and device ID hashing. A default Application Insights instrumentation key is present, but it is not a sensitive access credential and can be overridden by an environment variable. The code acknowledges potentially tainted input to subprocess launching (`#nosec G204`); the comprehensive validation logic in `azcli/executor.go` and `security/validator.go` is designed to mitigate this risk.

Stats

Interest Score: 54
Security Score: 9
Cost Class: Medium
Avg Tokens: 1500
Stars: 101
Forks: 25
Last Update: 2025-12-05

Tags

Azure, Kubernetes, AI Assistant, Model Context Protocol, Cloud Management