CyberChef-MCP

The project demonstrates a very strong focus on security. It uses a Chainguard distroless Docker image (zero-CVE baseline, non-root execution, read-only filesystem, SLSA Build Level 3 provenance) for a reduced attack surface. All inputs are validated against `zod` schemas. Recent updates fixed critical vulnerabilities including cryptographic randomness weaknesses (`Math.random()` replaced with `crypto.randomBytes()`), multiple Regular Expression Denial of Service (ReDoS) vulnerabilities (addressed by a `SafeRegex.mjs` module with pattern length limits and timeout-based validation), and arbitrary code execution via `eval()` (replaced with safe DOM script creation, although this specific fix was for the upstream web UI, which is removed in this MCP fork). The server communicates via standard input/output (stdio), which means it does not open network ports itself, reducing external attack surface. Resource limits for input size and operation timeouts are configurable. The upstream CyberChef explicitly states, 'Cryptographic operations in CyberChef should not be relied upon to provide security in any situation,' which implies that while the *implementation* might be correct, the *algorithms* themselves (e.g., ROT13, RC4, older hash functions) are not suitable for modern security; this is a general cryptographic caution rather than an implementation flaw in this project.