You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Add fsnotify dependency and enhance MCP server responses with quarantine instructions
- Added fsnotify v1.8.0 for improved file system notifications.
- Updated MCP server responses to include detailed quarantine instructions for newly added servers, enhancing security against Tool Poisoning Attacks (TPAs).
- Disabled a test for the V1 tool proxy due to missing mock implementations.
// retrieve_tools - THE PRIMARY TOOL FOR DISCOVERING TOOLS - Enhanced with clear instructions
91
91
retrieveToolsTool:=mcp.NewTool("retrieve_tools",
92
-
mcp.WithDescription("🔍 CALL THIS FIRST to discover relevant tools! This is the primary tool discovery mechanism that searches across ALL upstream MCP servers using intelligent BM25 full-text search. Always use this before attempting to call any specific tools. Use natural language to describe what you want to accomplish (e.g., 'create GitHub repository', 'query database', 'weather forecast'). Then use call_tool with the discovered tool names."),
92
+
mcp.WithDescription("🔍 CALL THIS FIRST to discover relevant tools! This is the primary tool discovery mechanism that searches across ALL upstream MCP servers using intelligent BM25 full-text search. Always use this before attempting to call any specific tools. Use natural language to describe what you want to accomplish (e.g., 'create GitHub repository', 'query database', 'weather forecast'). Then use call_tool with the discovered tool names. NOTE: Quarantined servers are excluded from search results for security. Use 'upstream_servers' with operation 'list_quarantined' to examine tools from quarantined servers and unquarantine via UI menu or config file if verified safe."),
93
93
mcp.WithString("query",
94
94
mcp.Required(),
95
95
mcp.Description("Natural language description of what you want to accomplish. Be specific about your task (e.g., 'create a new GitHub repository', 'get weather for London', 'query SQLite database for users'). The search will find the most relevant tools across all connected servers."),
"status": "configured", // Connection will be attempted asynchronously
788
+
"name": name,
789
+
"protocol": protocol,
790
+
"enabled": enabled,
791
+
"added": true,
792
+
"status": "configured", // Connection will be attempted asynchronously
793
+
"quarantined": true,
794
+
"security_status": "QUARANTINED_FOR_REVIEW",
795
+
"message": fmt.Sprintf("🔒 SECURITY: Server '%s' has been added but is automatically quarantined for security review. Tool calls are blocked to prevent potential Tool Poisoning Attacks (TPAs).", name),
796
+
"next_steps": "To use tools from this server, please: 1) Review the server and its tools for malicious content, 2) Use the 'upstream_servers' tool with operation 'list_quarantined' to inspect tools, 3) Use the tray menu or manual config editing to remove from quarantine if verified safe",
797
+
"security_help": "For security documentation, see: Tool Poisoning Attacks (TPAs) occur when malicious instructions are embedded in tool descriptions. Always verify tool descriptions for hidden commands, file access requests, or data exfiltration attempts.",
"unquarantine_note": "IMPORTANT: Unquarantining can only be done through the system tray menu or manual config editing - NOT through LLM tools for security.",
792
803
})
793
804
iferr!=nil {
794
805
returnmcp.NewToolResultError(fmt.Sprintf("Failed to serialize result: %v", err)), nil
"message": fmt.Sprintf("🔒 SECURITY: %d servers have been added but are automatically quarantined for security review. Tool calls are blocked to prevent potential Tool Poisoning Attacks (TPAs).", len(ids)),
928
+
"next_steps": "To use tools from these servers, please: 1) Review each server and its tools for malicious content, 2) Use the 'upstream_servers' tool with operation 'list_quarantined' to inspect tools, 3) Use the tray menu or manual config editing to remove from quarantine if verified safe",
929
+
"security_help": "For security documentation, see: Tool Poisoning Attacks (TPAs) occur when malicious instructions are embedded in tool descriptions. Always verify tool descriptions for hidden commands, file access requests, or data exfiltration attempts.",
"unquarantine_note": "IMPORTANT: Unquarantining can only be done through the system tray menu or manual config editing - NOT through LLM tools for security.",
908
935
})
909
936
iferr!=nil {
910
937
returnmcp.NewToolResultError(fmt.Sprintf("Failed to serialize result: %v", err)), nil
"message": fmt.Sprintf("🔒 SECURITY: %d servers have been imported from Cursor IDE config but are automatically quarantined for security review. Tool calls are blocked to prevent potential Tool Poisoning Attacks (TPAs).", len(ids)),
1242
+
"next_steps": "To use tools from these imported servers, please: 1) Review each server and its tools for malicious content, 2) Use the 'upstream_servers' tool with operation 'list_quarantined' to inspect tools, 3) Use the tray menu or manual config editing to remove from quarantine if verified safe",
1243
+
"security_help": "For security documentation, see: Tool Poisoning Attacks (TPAs) occur when malicious instructions are embedded in tool descriptions. Always verify tool descriptions for hidden commands, file access requests, or data exfiltration attempts.",
"unquarantine_note": "IMPORTANT: Unquarantining can only be done through the system tray menu or manual config editing - NOT through LLM tools for security.",
1211
1249
})
1212
1250
iferr!=nil {
1213
1251
returnmcp.NewToolResultError(fmt.Sprintf("Failed to serialize result: %v", err)), nil
0 commit comments