mcp-server

The server uses `stdio` for communication, limiting direct network exposure for the server itself. However, it makes outbound network requests to the Glean API using credentials (GLEAN_API_TOKEN) sourced from environment variables or CLI arguments, which is good practice. A potential, though mitigated, risk exists in the `instance` parameter used to construct API URLs: if a malicious `instance` value (e.g., containing special characters or other domains) were provided by a compromised local AI client, it could potentially lead to Server-Side Request Forgery (SSRF) against internal network resources. Currently, the server primarily runs locally and expects a simple string for the instance name. The project uses pnpm-lock.yaml for dependency integrity and sets limited permissions for log files (0o600).