Conductor
Verified Safe
by Joncik91
Overview
A local tool for discovering, managing, and auditing MCP (Model Context Protocol) servers across your system.
Installation
npm start
Security Notes
The project implements robust security audit features, including pattern matching for dangerous commands (`eval`, `exec`, shell operators), sensitive file paths, credential exposure in environment variables, and supply chain risks (unpinned packages, unverified sources from MCP Registry). It explicitly warns the user about these.

Internally, the application uses `child_process.exec` in two places:

1. `src/app/api/open-folder/route.ts`: To open config file locations (`explorer` on Windows, `open` on macOS). User-provided `filePath` is strictly validated by `validatePath` (checks for `..` and ensures it's within known/allowed system directories) and the command itself (`explorer` or `open`) is whitelisted by `validateCommand`. This minimizes risk.
2. `src/lib/scanners/docker-scanner.ts`: To list running Docker containers (`docker ps`). This is an internal command execution not directly controlled by user input and is essential for Docker integration.

The internal use of `exec` is accompanied by validation and whitelisting measures, and rate limiting (`RateLimiter`) is implemented for API endpoints to prevent abuse. No obvious hardcoded secrets or malicious patterns are found. The overall approach is to proactively identify and warn against security risks in discovered MCP servers, while implementing reasonable safeguards for its own operations.
Similar Servers
mcp-router
A desktop application for managing Model Context Protocol (MCP) servers, supporting local and remote connections, context management, and integration with AI tools.
mcpm.sh
This server provides a command-line interface to manage Model Context Protocol (MCP) servers, allowing users to discover, install, configure, run, share, and monitor them.
mcp-watch
A comprehensive security scanner for Model Context Protocol (MCP) servers that detects vulnerabilities and security issues in MCP implementations.
toolhive-studio
ToolHive simplifies and secures the discovery, deployment, and management of Model Context Protocol (MCP) servers, enabling connections to AI agents and clients.