fix: prevent path traversal in style and tileset tool URL construction

Five tools (RetrieveStyle, DeleteStyle, UpdateStyle, PreviewStyle,
TilequeryTool) concatenated user-supplied path parameters directly
into Mapbox API URLs without validation or encoding. Because Node.js
fetch uses the WHATWG URL parser, `../` sequences were normalized
before sending, allowing requests to reach unintended API endpoints.

Changes:
- Add shared `styleIdSchema` with allowlist regex that rejects path
  separators, dots, percent-encoded sequences, and null bytes
- Apply `styleIdSchema` to all four style tools via a shared module
  (src/tools/shared/styleId.schema.ts)
- Add format validation to TilequeryTool tilesetId (owner.name format)
- Wrap both username and styleId/tilesetId in `encodeURIComponent`
  at every URL construction site (defense-in-depth)
- Replace silent fallback in output schema validation with explicit
  `isError: true` responses across all API tools, preventing
  unintended API responses from being forwarded to callers
- Remove now-unused BaseTool.validateOutput() method
- Add test/security/path-traversal.test.ts with 52 tests covering
  schema rejection, valid ID acceptance, URL encoding, and response
  schema mismatch behavior

Author: zmofei

src/tools/BaseTool.ts

@@ -135,26 +135,4 @@ export abstract class BaseTool<
       this.server.server.sendLoggingMessage({ level, data });
     }
   }
-
-  /**
-   * Validates output data against the output schema.
-   * If validation fails, logs a warning and returns the raw data instead of throwing an error.
-   * This allows tools to continue functioning when API responses deviate from expected schemas.
-   */
-  protected validateOutput<T>(
-    schema: ZodTypeAny,
-    rawData: unknown,
-    toolName: string
-  ): T {
-    try {
-      return schema.parse(rawData) as T;
-    } catch (validationError) {
-      this.log(
-        'warning',
-        `${toolName}: Output schema validation failed - ${validationError instanceof Error ? validationError.message : 'Unknown validation error'}`
-      );
-      // Graceful fallback to raw data
-      return rawData as T;
-    }
-  }
 }

src/tools/create-token-tool/CreateTokenTool.ts

@@ -92,12 +92,20 @@ export class CreateTokenTool extends MapboxApiBasedTool<
 
     const rawData = await response.json();
 
-    // Validate response against schema with graceful fallback
-    const data = this.validateOutput<Record<string, unknown>>(
-      CreateTokenOutputSchema,
-      rawData,
-      'CreateTokenTool'
-    );
+    let data;
+    try {
+      data = CreateTokenOutputSchema.parse(rawData);
+    } catch {
+      return {
+        isError: true,
+        content: [
+          {
+            type: 'text',
+            text: 'Unexpected API response format from Mapbox API'
+          }
+        ]
+      };
+    }
 
     this.log('info', `CreateTokenTool: Successfully created token`);
 

src/tools/delete-style-tool/DeleteStyleTool.input.schema.ts

@@ -1,7 +1,8 @@
 import { z } from 'zod';
+import { styleIdSchema } from '../shared/styleId.schema.js';
 
 export const DeleteStyleSchema = z.object({
-  styleId: z.string().describe('Style ID to delete')
+  styleId: styleIdSchema.describe('Style ID to delete')
 });
 
 export type DeleteStyleInput = z.infer<typeof DeleteStyleSchema>;

src/tools/delete-style-tool/DeleteStyleTool.ts

@@ -34,7 +34,7 @@ export class DeleteStyleTool extends MapboxApiBasedTool<
     _context: ToolExecutionContext
   ): Promise<CallToolResult> {
     const username = getUserNameFromToken(accessToken);
-    const url = `${MapboxApiBasedTool.mapboxApiEndpoint}styles/v1/${username}/${input.styleId}?access_token=${accessToken}`;
+    const url = `${MapboxApiBasedTool.mapboxApiEndpoint}styles/v1/${encodeURIComponent(username)}/${encodeURIComponent(input.styleId)}?access_token=${accessToken}`;
 
     const response = await this.httpRequest(url, {
       method: 'DELETE'

src/tools/list-styles-tool/ListStylesTool.ts

@@ -70,12 +70,20 @@ export class ListStylesTool extends MapboxApiBasedTool<
 
     const rawData = await response.json();
 
-    // Validate the API response (which is an array) with graceful fallback
-    const validatedData = this.validateOutput(
-      StylesArraySchema,
-      rawData,
-      'ListStylesTool'
-    );
+    let validatedData;
+    try {
+      validatedData = StylesArraySchema.parse(rawData);
+    } catch {
+      return {
+        isError: true,
+        content: [
+          {
+            type: 'text',
+            text: 'Unexpected API response format from Mapbox API'
+          }
+        ]
+      };
+    }
 
     this.log('info', `ListStylesTool: Successfully listed styles`);
 

src/tools/list-tokens-tool/ListTokensTool.ts

@@ -130,12 +130,20 @@ export class ListTokensTool extends MapboxApiBasedTool<
           ? data
           : (data as { tokens?: unknown[] }).tokens || [];
 
-        // Validate tokens array against TokenObjectSchema with graceful fallback
-        const validatedTokens = this.validateOutput<unknown[]>(
-          TokenObjectSchema.array(),
-          tokens,
-          'ListTokensTool'
-        );
+        let validatedTokens;
+        try {
+          validatedTokens = TokenObjectSchema.array().parse(tokens);
+        } catch {
+          return {
+            isError: true,
+            content: [
+              {
+                type: 'text',
+                text: 'Unexpected API response format from Mapbox API'
+              }
+            ]
+          };
+        }
 
         allTokens.push(...validatedTokens);
         this.log(

src/tools/preview-style-tool/PreviewStyleTool.input.schema.ts

@@ -1,7 +1,8 @@
 import { z } from 'zod';
+import { styleIdSchema } from '../shared/styleId.schema.js';
 
 export const PreviewStyleSchema = z.object({
-  styleId: z.string().describe('Style ID to preview'),
+  styleId: styleIdSchema.describe('Style ID to preview'),
   accessToken: z
     .string()
     .startsWith(

src/tools/preview-style-tool/PreviewStyleTool.ts

@@ -74,7 +74,7 @@ export class PreviewStyleTool extends BaseTool<typeof PreviewStyleSchema> {
     const hashFragment =
       hashParams.length > 0 ? `#${hashParams.join('/')}` : '';
 
-    const url = `${MapboxApiBasedTool.mapboxApiEndpoint}styles/v1/${userName}/${input.styleId}.html?${params.toString()}${hashFragment}`;
+    const url = `${MapboxApiBasedTool.mapboxApiEndpoint}styles/v1/${encodeURIComponent(userName)}/${encodeURIComponent(input.styleId)}.html?${params.toString()}${hashFragment}`;
 
     // Build content array with URL
     const content: CallToolResult['content'] = [
@@ -86,7 +86,7 @@ export class PreviewStyleTool extends BaseTool<typeof PreviewStyleSchema> {
 
     // Add MCP-UI resource (for legacy MCP-UI clients)
     const uiResource = createUIResource({
-      uri: `ui://mapbox/preview-style/${userName}/${input.styleId}`,
+      uri: `ui://mapbox/preview-style/${encodeURIComponent(userName)}/${encodeURIComponent(input.styleId)}`,
       content: {
         type: 'externalUrl',
         iframeUrl: url

src/tools/retrieve-style-tool/RetrieveStyleTool.input.schema.ts

@@ -1,7 +1,8 @@
 import { z } from 'zod';
+import { styleIdSchema } from '../shared/styleId.schema.js';
 
 export const RetrieveStyleSchema = z.object({
-  styleId: z.string().describe('Style ID to retrieve')
+  styleId: styleIdSchema.describe('Style ID to retrieve')
 });
 
 export type RetrieveStyleInput = z.infer<typeof RetrieveStyleSchema>;

src/tools/retrieve-style-tool/RetrieveStyleTool.ts

@@ -44,7 +44,7 @@ export class RetrieveStyleTool extends MapboxApiBasedTool<
     _context: ToolExecutionContext
   ): Promise<CallToolResult> {
     const username = getUserNameFromToken(accessToken);
-    const url = `${MapboxApiBasedTool.mapboxApiEndpoint}styles/v1/${username}/${input.styleId}?access_token=${accessToken}`;
+    const url = `${MapboxApiBasedTool.mapboxApiEndpoint}styles/v1/${encodeURIComponent(username)}/${encodeURIComponent(input.styleId)}?access_token=${accessToken}`;
 
     const response = await this.httpRequest(url);
 
@@ -57,16 +57,22 @@ export class RetrieveStyleTool extends MapboxApiBasedTool<
     let data: MapboxStyleOutput;
     try {
       data = MapboxStyleOutputSchema.parse(rawData);
-    } catch (validationError) {
-      this.log(
-        'warning',
-        `Schema validation failed for search response: ${validationError instanceof Error ? validationError.message : 'Unknown validation error'}`
-      );
-      // Graceful fallback to raw data
-      data = rawData as MapboxStyleOutput;
+    } catch {
+      return {
+        isError: true,
+        content: [
+          {
+            type: 'text',
+            text: 'Unexpected API response format from Mapbox API'
+          }
+        ]
+      };
     }
 
-    this.log('info', `UpdateStyleTool: Successfully updated style ${data.id}`);
+    this.log(
+      'info',
+      `RetrieveStyleTool: Successfully retrieved style ${data.id}`
+    );
 
     return {
       content: [