GitHub MCP Exploited: Accessing Private Repositories via MCP

Source: Invariantlabs.ai

Article Summary

Invariant Labs identified and patched a critical vulnerability in its public GitHub repository for the Model Context Protocol (MCP).

  • The vulnerability, disclosed responsibly by a third-party security researcher, was a directory traversal flaw in a proof-of-concept for a GitHub 'resource' within the MCP client.
  • The flaw could have allowed an attacker to read arbitrary files on the host running the MCP client by supplying a crafted 'resource' path containing traversal sequences such as `../`.
  • The issue was remediated by adding path validation: the requested path is resolved against the intended base directory with Node.js's `path.resolve` and `path.join`, and any result that falls outside that directory is rejected, so a request can no longer escape the base directory.
  • The incident underscores the MCP project's commitment to security and transparency and illustrates the protocol's ongoing hardening for secure AI data access.