Skip to main content
Glama
dsgarage

ReviewMCP

by dsgarage
OverviewInspectSchemaRelated ServersScoreDiscussions
TypeScript
Local

review.security.validate-mapfile

Validate mapfile path and content against security policy to ensure compliance and prevent unauthorized access in Re:VIEW manuscripts.

Instructions

Validate mapfile path and content against security policy

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
cwdYes
filepathYes

Implementation Reference

  • src/index.ts:643-715 (handler)
    Main execution handler for the tool. Loads security configuration, performs path validation, size check, reads and sanitizes the mapfile content, and returns structured validation results.
    case "review.security.validate-mapfile": { const config = await loadSecurityConfig(args.cwd as string); const pathValidation = validateMapfilePath(args.filepath as string, config); if (!pathValidation.valid) { return { content: [ { type: "text", text: JSON.stringify({ valid: false, reason: pathValidation.reason, config: { source: config.source } }) } ] }; } const sizeValidation = await validateMapfileSize( args.filepath as string, args.cwd as string, config ); if (!sizeValidation.valid) { return { content: [ { type: "text", text: JSON.stringify({ valid: false, reason: sizeValidation.reason, size: sizeValidation.size, config: { source: config.source, maxFileSize: config.maxFileSize } }) } ] }; } const fullPath = path.join(args.cwd as string, args.filepath as string); try { const content = await fs.readFile(fullPath, "utf-8"); const sanitization = await sanitizeMapfile(content, args.filepath as string, config); return { content: [ { type: "text", text: JSON.stringify({ valid: sanitization.safe, size: sizeValidation.size, issues: sanitization.issues, config: { source: config.source } }) } ] }; } catch (error: any) { return { content: [ { type: "text", text: JSON.stringify({ valid: false, error: error.message }) } ] }; } }
  • src/index.ts:380-391 (schema)
    Tool schema definition including name, description, and input schema requiring 'cwd' and 'filepath'.
    { name: "review.security.validate-mapfile", description: "Validate mapfile path and content against security policy", inputSchema: { type: "object", properties: { cwd: { type: "string" }, filepath: { type: "string" } }, required: ["cwd", "filepath"] } },
  • src/config/security.ts:147-180 (helper)
    Helper function to validate the filepath against security rules: blocks absolute paths, traversal, invalid extensions, and ensures path is in allowed directories.
    export function validateMapfilePath( filepath: string, config: SecurityConfig ): { valid: boolean; reason?: string } { if (config.blockAbsolutePaths && path.isAbsolute(filepath)) { return { valid: false, reason: "Absolute paths are not allowed" }; } if (config.blockTraversal && (filepath.includes("../") || filepath.includes("..\\"))) { return { valid: false, reason: "Path traversal is not allowed" }; } const ext = path.extname(filepath).toLowerCase(); if (config.allowedExtensions.length > 0 && !config.allowedExtensions.includes(ext)) { return { valid: false, reason: `File extension '${ext}' is not allowed. Allowed: ${config.allowedExtensions.join(", ")}` }; } const normalizedPath = filepath.replace(/\\/g, "/"); const isInAllowedPath = config.allowedPaths.length === 0 || config.allowedPaths.some(allowed => normalizedPath.startsWith(allowed)); if (!isInAllowedPath) { return { valid: false, reason: `Path must be within allowed directories: ${config.allowedPaths.join(", ")}` }; } return { valid: true }; }
  • src/config/security.ts:182-208 (helper)
    Helper function to check file size against the configured maximum.
    export async function validateMapfileSize( filepath: string, cwd: string, config: SecurityConfig ): Promise<{ valid: boolean; reason?: string; size?: number }> { const fullPath = path.join(cwd, filepath); try { const stats = await fs.stat(fullPath); if (stats.size > config.maxFileSize) { return { valid: false, reason: `File size (${stats.size} bytes) exceeds maximum allowed size (${config.maxFileSize} bytes)`, size: stats.size }; } return { valid: true, size: stats.size }; } catch (error: any) { return { valid: false, reason: `Cannot access file: ${error.message}` }; } }
  • src/config/security.ts:210-239 (helper)
    Helper function to sanitize mapfile content by scanning for suspicious patterns like eval, require, etc.
    export async function sanitizeMapfile( content: string, filepath: string, config: SecurityConfig ): Promise<{ safe: boolean; sanitized?: string; issues: string[] }> { const issues: string[] = []; const suspiciousPatterns = [ /eval\s*\(/gi, /require\s*\(/gi, /import\s+/gi, /__import__/gi, /exec\s*\(/gi, /system\s*\(/gi, /`[^`]*`/g ]; for (const pattern of suspiciousPatterns) { if (pattern.test(content)) { issues.push(`Suspicious pattern detected: ${pattern.source}`); } } if (issues.length > 0) { return { safe: false, issues }; } return { safe: true, sanitized: content, issues: [] }; }

This server cannot be installed

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/dsgarage/ReviewMCP'

If you have feedback or need assistance with the MCP directory API, please join our Discord server