wechat-robot-mcp-server

CRITICAL security risks identified: 1. **SQL Injection Vulnerability (Database Name):** The `config.buildDSNForRobot` function constructs the database connection string using `robotCode` directly as the database name. If `robotCode` is derived from user-controlled metadata (`mcp.CallToolRequest.Params.Meta`) without proper sanitization, a malicious actor could inject arbitrary SQL into the database name, potentially leading to database compromise (e.g., `malicious_db_name'; DROP DATABASE evil;`). This is a severe vulnerability. 2. **XML External Entity (XXE) Injection:** The `repository/message.go` `GetMessagesByTimeRange` function uses MySQL's `EXTRACTVALUE` (an XPath function for XML) on the `messages.content` field. If `messages.content` can contain user-controlled XML (e.g., from WeChat messages parsed into XML format), this creates a classic XXE vulnerability. An attacker could craft a malicious XML message to read local files, initiate server-side request forgery (SSRF), or cause denial of service. 3. **Logging of Error Messages:** `utils.CallToolResultError` logs raw error messages (`errmsg`) directly. If these error messages contain sensitive information from upstream APIs or internal system details, they could be exposed in server logs.