frontmcp

Verified Safe

by agentfront

Overview

Develop and integrate third-party API services using the Model Context Protocol (MCP) framework, enabling AI models to interact with external systems through defined tools, resources, and prompts.

Installation

Run Command
npm run dev

Environment Variables

  • IDP_PROVIDER_URL
  • IDP_EXPECTED_AUDIENCE
  • PORT
  • NODE_ENV
  • MCP_SESSION_SECRET

Security Notes

The server performs dynamic code execution through the `codecall` plugin, which uses `enclave-vm` to sandbox untrusted JavaScript. It also transpiles JSX/MDX templates at runtime (`new Function`/`eval` in `libs/ui/src/renderers/utils/transpiler.ts`) and performs regex validation in `json-schema-to-zod-v3` with ReDoS protection. UI components implement input sanitization (`libs/ui/src/runtime/sanitizer.ts`) and HTML escaping (`escapeHtml`) to prevent XSS, and button `href` protocols are validated to prevent `javascript:` injection. The server makes external API calls (e.g., fetching OpenAPI specs and JWKS), which increases the attack surface. Overall, the framework demonstrates strong security awareness and implements multiple safeguards for potentially risky operations. It is generally safe for its intended use but demands careful configuration in production environments, especially for the `codecall` plugin.

Stats

  • Interest Score: 93
  • Security Score: 8
  • Cost Class: Medium
  • Stars: 124
  • Forks: 3
  • Last Update: 2025-12-04

Tags

  • TypeScript
  • MCP
  • API Integration
  • Tooling
  • Framework
  • Monorepo