mcp-server

Verified Safe

by bitwarden

Overview

Provides AI assistants with secure access to Bitwarden password manager functionality, covering both personal vault management via CLI tools and organization administration via the Bitwarden Public API.

Installation

Run Command
npx -y @bitwarden/mcp-server

Environment Variables

  • BW_SESSION
  • BW_CLIENT_ID
  • BW_CLIENT_SECRET
  • BW_API_BASE_URL
  • BW_IDENTITY_URL
  • BW_ALLOWED_DIRECTORIES

Security Notes

The server includes robust security measures to prevent command injection, API endpoint manipulation, and path traversal, using allowlists, input sanitization (removing dangerous characters, null bytes, newlines), and `child_process.spawn` with `shell: false`. API requests are authenticated with OAuth2 and data is sanitized. File path validation (`validateFilePath`) is particularly comprehensive, preventing various encoding and Unicode bypasses and enforcing an environment-variable-configurable allowlist of directories. The README provides critical warnings, explicitly stating that the server is designed for local use only and must never be exposed publicly, highlighting the inherent risks of exposing sensitive vault data to AI assistants. The high score reflects the strong implementation-level security controls given its sensitive domain, but users must strictly adhere to deployment warnings.

Stats

  • Interest Score: 54
  • Security Score: 9
  • Cost Class: Medium
  • Avg Tokens: 1000
  • Stars: 110
  • Forks: 9
  • Last Update: 2026-01-19

Tags

  • Password Manager
  • CLI Tool
  • Organization Admin
  • AI Assistant
  • Model Context Protocol