DevDocs

The `app/api/debug/route.ts` endpoint executes a local shell script (`debug_crawl4ai.sh`) via `child_process.exec`. While intended for debugging and the script doesn't take user input to form commands, direct execution of local scripts via web endpoints is a significant risk. The `debug_crawl4ai.sh` script also logs `CRAWL4AI_API_TOKEN` (defaulting to a "devdocs-demo-key") in its output, which could be exposed via the `/api/debug` endpoint. Additionally, the `docker-start.sh` script sets overly permissive `chmod -R 777` permissions on `logs`, `storage`, and `crawl_results` directories, which is acceptable for local development but highly insecure for production. Path traversal vulnerabilities in file storage and download endpoints appear well-mitigated. The MCP server itself uses stdio, reducing network attack surface, but its `search_files` tool (if `use_regex` is enabled and user input isn't validated) could be vulnerable to ReDoS without further inspection of `MarkdownStore` (which is summarized).