|
| 1 | +# Security Policy |
| 2 | + |
| 3 | +## Reporting Security Vulnerabilities |
| 4 | + |
| 5 | +**DO NOT** open a public GitHub issue for security vulnerabilities. Instead, please report them responsibly to: |
| 6 | + |
| 7 | +**Email:** security@rethunk.tech |
| 8 | +**Response SLA:** We aim to respond to security reports within 24 hours. |
| 9 | + |
| 10 | +When reporting a vulnerability, please include: |
| 11 | +- Description of the vulnerability |
| 12 | +- Affected component(s) and version(s) |
| 13 | +- Steps to reproduce (if applicable) |
| 14 | +- Potential impact |
| 15 | +- Suggested fix (optional) |
| 16 | + |
| 17 | +## Scope & Risk Profile |
| 18 | + |
| 19 | +`mcp-multi-root-git` is an MCP server that exposes git operations (status, log, diff, commit, push, merge) to LLMs. It has security implications due to git workflow access and repository state modification. |
| 20 | + |
| 21 | +### Git Repository Access |
| 22 | +- **Critical:** Server operates on local git repositories with user permissions |
| 23 | +- Tools perform read (status, log, diff) and write operations (commit, push, merge) |
| 24 | +- Multi-root setup allows access to multiple repos; ensure intended scope |
| 25 | +- Token/credential handling for remote operations (push, pull) |
| 26 | + |
| 27 | +### Write Operations Risk |
| 28 | +- **High:** `batch_commit`, `git_push`, `git_merge`, `git_cherry_pick` modify repository state |
| 29 | +- These operations can rewrite history, overwrite branches, lose commits if misused |
| 30 | +- Implement safeguards against destructive operations (force-push, rebase on shared branches) |
| 31 | +- Validate branch names and merge targets before operations |
| 32 | + |
| 33 | +### Repository Credentials |
| 34 | +- **Medium:** Push operations require git credentials (SSH keys, PAT tokens, or git credentials storage) |
| 35 | +- SSH agent socket access required for SSH authentication |
| 36 | +- Credentials should never be logged or exposed |
| 37 | +- Validate that credentials are not embedded in code or environment |
| 38 | + |
| 39 | +### File System Access |
| 40 | +- **Medium:** Server accesses local filesystem to read/write git repositories |
| 41 | +- Symlink traversal could allow access outside intended directory |
| 42 | +- Validate paths to prevent directory escape attacks |
| 43 | +- Restrict filesystem access to intended git repository roots |
| 44 | + |
| 45 | +### Diff Output |
| 46 | +- **Low-Medium:** Large diffs could expose sensitive data (API keys, passwords in code) |
| 47 | +- Diff viewer truncates output; still be mindful of sensitive content |
| 48 | +- Do not expose raw repository contents without review |
| 49 | + |
| 50 | +## Security Practices |
| 51 | + |
| 52 | +### Path Validation |
| 53 | +- Validate all repository paths resolve within intended roots |
| 54 | +- Prevent symlink traversal to parent directories |
| 55 | +- Use absolute path resolution; validate against whitelist |
| 56 | + |
| 57 | +### Operation Safety |
| 58 | +- Implement safeguards on destructive operations (merge, cherry-pick, reset) |
| 59 | +- Validate branch names match expected patterns |
| 60 | +- Prevent force-push to protected branches (main, master, develop, stable, prod) |
| 61 | +- Log all write operations for audit trails |
| 62 | + |
| 63 | +### Credential Management |
| 64 | +- Use SSH agent or git credentials storage; never embed credentials |
| 65 | +- SSH key passphrase protection recommended |
| 66 | +- Monitor git credentials for unusual access patterns |
| 67 | +- Document credential setup requirements |
| 68 | + |
| 69 | +### Dependency Management |
| 70 | +- Keep git CLI up-to-date for security patches |
| 71 | +- Monitor `simple-git` or git wrapper library for security updates |
| 72 | +- Run `bun audit` regularly; address high/critical vulnerabilities |
| 73 | + |
| 74 | +### Multi-Root Workspace Setup |
| 75 | +- Document all workspace root directories |
| 76 | +- Validate roots are intentional and secure |
| 77 | +- Prevent unintended access to sibling or parent repositories |
| 78 | +- Use absolute paths; validate against whitelist |
| 79 | + |
| 80 | +## Supported Versions |
| 81 | + |
| 82 | +Latest release only. |
| 83 | + |
| 84 | +| Version | Supported | |
| 85 | +|---------|-----------| |
| 86 | +| Latest | ✅ Yes | |
| 87 | + |
| 88 | +## Known Vulnerabilities |
| 89 | + |
| 90 | +None currently known. Reports are welcome via security@rethunk.tech. |
| 91 | + |
| 92 | +## Testing & Validation |
| 93 | + |
| 94 | +- Test on non-critical repositories before production use |
| 95 | +- Validate path traversal prevention with symlinks |
| 96 | +- Test write operations on a test repository; verify nothing unintended is modified |
| 97 | +- Test with invalid branch names and merge targets; validate error handling |
| 98 | + |
| 99 | +## Incident Response |
| 100 | + |
| 101 | +If a security vulnerability is discovered: |
| 102 | + |
| 103 | +1. **Report immediately** to security@rethunk.tech (do not disclose publicly) |
| 104 | +2. **Include reproduction steps** and affected version(s) |
| 105 | +3. **Allow 24-48 hours** for initial response and triage |
| 106 | +4. **Coordinate disclosure** timeline if patch is required |
| 107 | +5. **Credit will be given** to the reporter (if desired) |
| 108 | + |
| 109 | +## Contact |
| 110 | + |
| 111 | +- **Security Issues:** security@rethunk.tech |
| 112 | +- **General Support:** support@rethunk.tech |
| 113 | +- **Website:** https://rethunk.tech |
| 114 | + |
| 115 | +--- |
| 116 | + |
| 117 | +**Last updated:** 2026-04-27 |
0 commit comments