GeminiMCP

1. **Hardcoded HTTP Scheme (Medium):** The OAuth well-known endpoint metadata (`http_server.go`) hardcodes the `http://` scheme, which is insecure for production environments using HTTPS. This is noted as a vulnerability in the `refactoring_plan.md`. 2. **JWT Secret Key Length (Low):** The server only warns if the `GEMINI_AUTH_SECRET_KEY` is less than 32 characters, rather than enforcing it. However, authentication is disabled if the secret key is missing when authentication is enabled. 3. **CORS Default (Low/Contextual):** By default, the HTTP server allows all (`*`) CORS origins. While convenient for development, it's a security risk in production, requiring users to configure `GEMINI_HTTP_CORS_ORIGINS`. The code does warn against using `*` when auth is enabled. 4. **Stdio Transport Lack of Auth (Inherent):** The `stdio` transport mode, as per MCP design, does not support authentication, which is a known limitation. 5. **Robust Local File Path Sanitization:** The `Architecture Overview.md` incorrectly states 'No input sanitization for file paths'; however, `readLocalFiles` (in `gemini_ask_handler.go`) implements strong path traversal and symlink checks, significantly mitigating this risk for local file access. Overall, the project demonstrates an awareness of security best practices, with most issues being either documented, mitigated, or inherent to the protocol/development convenience.