mcp-server-win-cli

The project demonstrates an extremely strong security posture with a 'security-first' and 'fail-closed' design. It implements a multi-stage (9-step) command validation pipeline, including advanced Unicode attack detection (e.g., BiDi control characters, homoglyphs, zero-width characters, PowerShell Unicode quotes), explicit blocking of dangerous commands and arguments, strict path canonicalization and restriction (intersection-merged allowedPaths, TOCTOU protection), and comprehensive error message sanitization to prevent information disclosure. SSH connections enforce host key verification (TOFU/strict mode) and network diagnostic tools include SSRF and port scanning protection (IP range blocking, port whitelisting). Environment variable access is controlled via configurable blocklists/allowlists, and values are validated for dangerous content. Process listing is disabled by default due to its security implications. While highly robust, no system handling direct CLI access can be entirely impenetrable, hence a 9/10.