flux-protocol

The CLI commands `dev` and `build` utilize `child_process.spawn` with `shell: true`. This approach, while common in CLI tools for developers, presents a potential command injection vulnerability if user-provided file paths are not thoroughly sanitized to prevent inclusion of shell metacharacters. While `path.resolve` is used, it does not guarantee complete shell sanitization. On the server side, the `FluxServer.callTool` method directly passes `Object.values(args)` as positional arguments to connector methods. There is no explicit runtime type or schema validation within the SDK's core execution based on the generated schema. This design choice delegates the responsibility for robust input validation to the individual connector developers (e.g., using the `zod` dependency for schema validation), which could lead to unexpected behavior or runtime errors if connector methods receive malformed or untyped data.