statamic-mcp

Verified Safe

by cboxdk

Overview

Provides AI assistants with structured access to Statamic CMS content management capabilities through a router-based architecture.

Installation

Run Command
php artisan mcp:start statamic

Environment Variables

  • APP_ENV

Security Notes

The authentication middleware uses Basic Auth and a custom Base64-encoded token (functionally similar to Basic Auth); both rely on HTTPS for secure transport.

The `BaseStatamicTool::validateAndSanitizeArguments` method is intentionally permissive for 'Claude compatibility': it performs only basic null-byte checks and defers deeper input validation to the underlying Statamic APIs. This could become a vulnerability if a downstream Statamic component has insufficient validation for specific field types or data structures when processing AI-generated input.

The `AssetsRouter::createAsset` and `AssetsRouter::uploadAsset` methods allow uploading file content (either base64-encoded or from a local path) by creating temporary files and using `Illuminate\Http\UploadedFile`. Although `mime_content_type` is used, it does not guarantee protection against all forms of malicious file uploads (e.g., PHP web shells). If an attacker can control or jailbreak the AI's input, this could lead to remote code execution.

Other parts of the system, such as `PathValidator` and Statamic's blueprint-based field validation in `ContentRouter`, demonstrate strong security practices for their respective domains. Configuration settings are protected by whitelisting in `SystemRouter` to prevent arbitrary changes.

Stats

Interest Score: 43
Security Score: 7
Cost Class: Medium
Avg Tokens: 5000
Stars: 20
Forks: 1
Last Update: 2025-12-14

Tags

Statamic, CMS, MCP, AI Assistant, Laravel