mcp-gearbox

The application follows good security practices for an Electron app, including `nodeIntegration: false` and `contextIsolation: true` in the main process, and exposing a controlled API via `contextBridge.exposeInMainWorld`. Interactions with the `mcp-gearbox-cli` are proxied through a main process service (`ElectronMcpService`) using `ipcMain.handle`, limiting direct shell access from the renderer. User-provided inputs (like server names, agent names, project location) are passed as distinct arguments to the underlying CLI commands. The main security assumption lies in the `mcp-gearbox` (npm package) library and the `mcp-gearbox-cli`'s robust handling and sanitization of these arguments to prevent shell injection or other vulnerabilities. Without the source code for the `mcp-gearbox` library itself, a full audit of the CLI interaction security cannot be completed, but the application's wrapper adheres to secure design patterns.