Skip to main content
Glama

DollhouseMCP

by DollhouseMCP
token-security-review.mdโ€ข3.03 kB
# Token Management Security Review ## Date: July 14, 2025 ## Reviewer: Claude (with Mick) ## Summary The TokenManager implementation in DollhouseMCP has been reviewed for security vulnerabilities. Overall, the implementation follows good security practices with proper validation, redaction, and rate limiting. ## Strengths โœ… ### 1. Token Format Validation - Validates all GitHub token types (PAT, Installation, User Access, Refresh) - Uses strict regex patterns: `/^ghp_[A-Za-z0-9_]{36,}$/` - Rejects invalid formats before any processing - Minimum length requirement prevents short/weak tokens ### 2. Token Redaction & Privacy - `redactToken()` shows only `ghp_...7890` format - `createSafeErrorMessage()` removes all token patterns from errors - Consistent use of `getTokenPrefix()` for safe logging - No full tokens appear in logs or error messages ### 3. Rate Limiting Protection - Token validation rate-limited to 10 attempts per hour - Prevents brute force attacks on token validation endpoint - Uses token bucket algorithm with minimum 5-second delay - Proper SecurityError with retry information ### 4. API Security - Always uses `Bearer ${token}` authorization format - Includes proper headers (User-Agent, Accept) - Validates token scopes via GitHub API `/user` endpoint - Handles API errors without exposing sensitive data ### 5. No Persistent Storage - Tokens only read from `process.env.GITHUB_TOKEN` - No caching or file storage of tokens - No database storage of tokens - Memory-only usage pattern ## Recommendations for Enhancement ๐Ÿ”ง ### 1. Token Wrapper Class (Medium Priority) Consider implementing a `SecureToken` class that: - Encrypts token in memory - Provides controlled access methods - Automatically clears on disposal - Prevents accidental logging ### 2. Token Rotation Support (Low Priority) Add support for: - Token expiration handling - Refresh token flow for OAuth tokens - Automatic token renewal - Expiration warnings ### 3. Enforce Scope Validation (Medium Priority) - Make scope validation mandatory for all API calls - Cache validated scopes for performance - Alert on insufficient permissions before operations ### 4. Memory Protection (Low Priority) - Consider using Node.js crypto for in-memory encryption - Clear tokens from memory after use - Use secure comparison for token validation ## Security Checklist โœ… - [x] Tokens validated before use - [x] Tokens redacted in logs - [x] Rate limiting implemented - [x] No hardcoded tokens - [x] No token storage - [x] Proper error handling - [x] Secure API communication - [x] Token type detection - [x] Scope validation available - [x] No tokens in error messages ## Conclusion The current TokenManager implementation is **production-ready** from a security perspective. The suggested enhancements would provide defense-in-depth but are not critical for the current threat model. No immediate action required. The implementation properly protects tokens from exposure and follows security best practices. EOF < /dev/null

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/DollhouseMCP/DollhouseMCP'

If you have feedback or need assistance with the MCP directory API, please join our Discord server