mcp_server_2ex

Several Next.js API routes (e.g., `/api/mcp` in `next16_6`, `next16_7`, `next16_8`, `next16_9`, and `/api/chat` in `next16_3`, `next16_4`) lack proper authentication/authorization middleware. Despite the `test-code` including an `Authorization` header, the server-side implementations do not validate it. This exposes critical RAG search and tool-calling functionalities to unauthenticated access. Some `mcp_cli_X` examples implement client-side SPA login but their `/api/chat` endpoints also lack server-side authentication. The `RpcClient.ts` uses `child_process.spawn` to execute external Rust/Go binaries, which is generally safe if `CMD_PATH` is controlled by the deployer, but still represents a potential attack surface if misconfigured or if the external binaries are compromised. The `mcp_3` example does include an API key check, which is a better practice.