mcp-server

by trento-project

Overview

The Trento MCP Server enables AI assistants to manage and monitor SAP systems by translating natural language commands into interactions with the Trento Project API.

Installation

Run Command
No command provided

Environment Variables

  • TRENTO_MCP_AUTODISCOVERY_PATHS
  • TRENTO_MCP_CONFIG
  • TRENTO_MCP_ENABLE_HEALTH_CHECK
  • TRENTO_MCP_HEADER_NAME
  • TRENTO_MCP_HEALTH_API_PATH
  • TRENTO_MCP_HEALTH_PORT
  • TRENTO_MCP_INSECURE_SKIP_TLS_VERIFY
  • TRENTO_MCP_OAS_PATH
  • TRENTO_MCP_PORT
  • TRENTO_MCP_TAG_FILTER
  • TRENTO_MCP_TRANSPORT
  • TRENTO_MCP_TRENTO_URL
  • TRENTO_MCP_VERBOSITY
  • BEARER_TOKEN

Security Notes

The server includes an `InsecureSkipTLSVerify` option which, if enabled, can expose sensitive data to man-in-the-middle attacks. While disabled by default, its presence is a configurable risk.

More critically, the MCP server's HTTP transports (SSE and Streamable) are configured with `ReadHeaderTimeout: 0` and `WriteTimeout: 0`. A zero `ReadHeaderTimeout` makes the server vulnerable to slowloris attacks by allowing clients to hold connections open indefinitely with partial requests, potentially leading to denial of service.

The authentication mechanism for tool execution relies on setting a `BEARER_TOKEN` environment variable globally within the process, protected by a mutex. While the mutex attempts to prevent race conditions, using a process-global environment variable for per-session authentication is inherently fragile and carries risks, such as potential leakage to unintended child processes or subtle timing vulnerabilities in highly concurrent scenarios, especially given it's a workaround for a dependency's design.

Stats

  • Interest Score: 13
  • Security Score: 5
  • Cost Class: Low
  • Avg Tokens: 300
  • Stars: 1
  • Forks: 1
  • Last Update: 2025-12-24

Tags

  • AI Assistant
  • SAP Monitoring
  • Model Context Protocol
  • Trento Project
  • API Integration