wandb-mcp-server

The server demonstrates robust security practices, particularly for multi-tenant environments. It utilizes `ContextVar` for per-request API key isolation, preventing cross-request data leakage in concurrent operations. The `create_report` tool explicitly patches the `wandb_workspaces` API client to also use `ContextVar`, addressing known singleton contamination vulnerabilities and handling markdown input carefully. The `query_wandb_tool` allows arbitrary GraphQL queries, which is a powerful but potentially risky feature; however, its usage is heavily documented with critical warnings for the LLM to manage context windows and avoid open-ended queries. Session management includes optional HMAC-SHA256 verification via a secrets resolver. Limited `subprocess.run` calls are for low-risk operations (e.g., `git rev-parse HEAD`). No direct `eval` or `os.system` for user-controlled input was found, and sensitive secrets are expected to be managed via environment variables or a secrets resolver.