ember-mcp

The server uses `groq-sdk` for external API calls, which is a standard and generally safe practice. File system operations (`readFileSync`, `writeFileSync`, `mkdirSync`) are confined to configuration and log files within the user's home directory (`~/.claude/pets/`), limiting unauthorized access. There are no apparent hardcoded sensitive secrets, as API keys are retrieved from environment variables. The server communicates via standard I/O (stdio) as an MCP server, not exposing network ports directly, which minimizes external attack surfaces. An older design (`v2.3` in `SELF_HOSTED_INTELLIGENCE.md`) mentioned `execSync` for AI calls, which could be a risk if used with unsanitized input; however, the primary `src/index.ts` (v2.5) has transitioned to using the `groq-sdk` directly, mitigating this concern in the current implementation. The system actively flags 'system_interference' patterns (e.g., writing to hooks directory) as a high-risk violation, demonstrating awareness of potential misuse scenarios.