fabric-mcp

The server implements robust input validation for SQL identifiers (table names, schema names) to prevent SQL injection in tools that construct SQL queries (e.g., `get_table_schema`, `get_table_sample_data`). The `execute_custom_sql_query` tool explicitly allows execution of arbitrary SQL, placing responsibility for query safety on the user (and the AI crafting the query), but this is a feature, not a vulnerability in the server's parsing. Authentication tokens are handled by MSAL, with interactive mode caching tokens locally (with a warning not to share), and service principal mode requiring secrets via environment variables, which the documentation strongly advises against committing to version control. No 'eval' or malicious patterns were found. The primary security risk lies in the permissions granted to the authenticated user/service principal, rather than vulnerabilities in the server's code itself.