mcp-process

by Digital-Defiance

Overview

Provides a secure and auditable environment for AI agents to manage system processes, monitor resources, and orchestrate long-running services.

Installation

Run Command
npx @ai-capabilities-suite/mcp-process@latest

Environment Variables

  • MCP_PROCESS_CONFIG_PATH
  • MCP_PROCESS_CONFIG

Security Notes

CRITICAL VULNERABILITY: The `ServiceManager.executeHealthCheck` function directly spawns health check commands (`child_process.spawn`) without performing security validations (e.g., executable allowlist, argument injection checks) via the `SecurityManager`. This means an attacker capable of defining or modifying a `ServiceConfig` (including its `healthCheck.command`) could execute arbitrary commands on the host system, bypassing all intended security layers. This is a severe remote code execution vulnerability.

Other security measures like executable allowlisting, argument validation, environment sanitization, and privilege prevention are well-implemented for `process_start` operations, but this specific flow bypasses them. Hardcoded dangerous environment variables are blocked, and the Docker setup promotes non-root execution and capability dropping, which are good practices. No obfuscation or obvious hardcoded secrets were found.

Stats

  • Interest Score: 30
  • Security Score: 3
  • Cost Class: Medium
  • Avg Tokens: 300
  • Stars: 1
  • Forks: 0
  • Last Update: 2026-01-17

Tags

  • process management
  • security
  • resource monitoring
  • service management
  • AI capabilities