Enhanced Airtable MCP Server

SECURITY_AUDIT_SUMMARY.md•11.2 kB

# Security Audit Summary - Airtable MCP Server **Audit Date**: January 23, 2025 **Version**: 1.0.0 **Status**: ✅ Production Ready (with recommendations) ## Executive Summary A comprehensive security audit was performed on the Airtable MCP Server. **Critical vulnerabilities have been fixed** and the codebase now implements industry-standard security practices. The server is ready for production deployment with the recommendations below. ## Critical Vulnerabilities Fixed ✅ ### 1. Formula Injection Vulnerability (CRITICAL) **Status**: ✅ FIXED **Issue**: The `escapeFormulaString()` function used backslash escaping (`\'`), but Airtable uses SQL-style escaping. This allowed formula injection attacks through user-provided values. **Fix Applied**: - Changed escape mechanism from `\'` to `''` (SQL-style) - Added `sanitizeFieldName()` function to validate field names - Added regex validation for field names (prevents `{}` characters that break context) - All formula builders now sanitize field names and escape values **Files Modified**: - [src/utils/query-helpers.ts](src/utils/query-helpers.ts) - Lines 103-130: Proper escaping and field name sanitization - Lines 82-98, 199-223, 240-259, 276-301, 335-362, 376-405: Applied to all formula builders ### 2. No Input Validation (CRITICAL) **Status**: ✅ FIXED **Issue**: Tool arguments were cast as `any` with no validation, allowing malformed or malicious inputs. **Fix Applied**: - Created comprehensive Zod validation schemas for all 9 tools - Maximum limits enforced: - Strings: 1,000 characters - Arrays: 100 items (fields), 1,000 items (records) - Conditions: 20 maximum - Field names validated with regex patterns - Table names restricted to alphanumeric + safe characters - Record IDs validated against Airtable format (`recXXXXXXXXXXXXXX`) **Files Created**: - [src/validation/tool-schemas.ts](src/validation/tool-schemas.ts) (212 lines) - 9 complete validation schemas - Input sanitization - Type-safe exports **Files Modified**: - [src/index.ts](src/index.ts) - Lines 27-42: Import validation schemas - Lines 61-72: `validateToolArgs()` helper function - All tool handlers updated to use validation ### 3. Error Information Leakage (HIGH) **Status**: ✅ FIXED **Issue**: Full error stack traces and messages returned to clients, potentially exposing: - API keys in error messages - Internal file paths - Airtable base IDs and record IDs - System configuration details **Fix Applied**: - Created custom error class hierarchy with sanitized client responses - Automatic redaction of sensitive data: - API keys (`key***`) - Base IDs (`app***`) - Record IDs (`rec***`) - Bearer tokens - Server-side logging with full details (for debugging) - Client-side responses with sanitized messages only **Files Created**: - [src/utils/errors.ts](src/utils/errors.ts) (310 lines) - 9 custom error classes - `wrapError()` for safe error handling - `logError()` for structured logging - Automatic credential redaction **Files Modified**: - [src/index.ts](src/index.ts) - Lines 38-42: Import error utilities - Lines 772-789: Centralized error handling with sanitization ## High-Priority Issues Addressed ### 4. Number and Date Validation (HIGH) **Status**: ✅ FIXED **Issue**: Numeric and date values not validated, could allow injection via `NaN`, `Infinity`, or malformed dates. **Fix Applied**: - Number range formulas: `Number.isFinite()` validation - Date range formulas: ISO 8601 format validation with regex - Min/max age validation (0-150) **Files Modified**: - [src/utils/query-helpers.ts](src/utils/query-helpers.ts) - Lines 338-350: Finite number validation - Lines 379-395: ISO date format validation ### 5. No Request Size Limits (MEDIUM) **Status**: ✅ FIXED via Zod schemas **Protection Applied**: - Maximum 100 fields per query - Maximum 1,000 records per query - Maximum 10 sort fields - Maximum 20 conditions in smart queries - Maximum 100 values in multiple select queries - Maximum string length: 1,000 characters **Location**: [src/validation/tool-schemas.ts](src/validation/tool-schemas.ts) lines 8-16 ## Documentation Created ### 6. SECURITY.md (NEW) **Status**: ✅ CREATED Comprehensive security documentation including: - Vulnerability reporting process - Security features overview - Best practices for deployment - API key management guidelines - Field filtering recommendations - Rate limiting guidance - Security checklist for production - Claude Desktop integration security **Location**: [SECURITY.md](SECURITY.md) (340 lines) ### 7. README.md Updates **Status**: ✅ UPDATED Added security sections: - Security best practices in Configuration section - Secure Claude Desktop configuration with absolute paths - File permission recommendations (`chmod 600`) - Security feature highlights - Best practices for field filtering - API usage monitoring guidance **Location**: [README.md](README.md) - Security section at lines 266-306 ## Additional Security Enhancements ### Type Safety Improvements - Removed most `as any` type assertions (only 1 remains with justification) - Zod provides runtime type validation - TypeScript provides compile-time safety - Full type inference from validation schemas ### Field Name Sanitization All field names now validated to prevent injection: ```typescript // Regex pattern prevents: {}, \n, \r /^[\w\s\-()#+.,'!?&@$%]+$/ ``` ### Formula Safety - SQL-style escaping: `'` → `''` - Field name validation - Numeric value validation (`isFinite`) - Date format validation (ISO 8601) - No user-controlled `eval()` or code execution ## Dependency Security **Current Status**: ✅ 0 Vulnerabilities ```bash npm audit # vulnerabilities: 0 (info: 0, low: 0, moderate: 0, high: 0, critical: 0) ``` **Dependencies**: - `@modelcontextprotocol/sdk`: ^1.20.1 ✅ - `airtable`: ^0.12.2 ✅ - `dotenv`: ^17.2.3 ✅ - `zod`: ^3.25.76 ✅ **Recommendation**: Set up automated dependency scanning in CI/CD. ## Production Readiness Checklist ### ✅ Completed - [x] Formula injection protection - [x] Input validation (Zod schemas) - [x] Error message sanitization - [x] Field name sanitization - [x] Number/date validation - [x] Request size limits - [x] SECURITY.md documentation - [x] README security section - [x] Custom error classes - [x] Sensitive data redaction - [x] Zero dependency vulnerabilities - [x] TypeScript compilation succeeds - [x] Field filtering defaults (excludeAttachments=true) ### 📋 Recommended (Not Implemented) - [ ] Rate limiting middleware (would add complexity to MCP server) - [ ] Structured logging (Winston/Pino) - currently using console.error - [ ] API key validation on startup - [ ] HTTPS enforcement for attachments - [ ] Unit tests for security functions - [ ] Integration tests - [ ] CI/CD pipeline with security checks ## Recommendations for Production ### High Priority 1. **API Key Validation on Startup**: Add validation that API key works before accepting requests 2. **Structured Logging**: Replace `console.error` with Winston or Pino for production-grade logging 3. **Monitoring**: Set up error tracking (Sentry, Datadog, etc.) 4. **Tests**: Add unit tests for: - `escapeFormulaString()` with injection attempts - `sanitizeFieldName()` with malicious inputs - All Zod schemas with edge cases ### Medium Priority 5. **Rate Limiting**: Implement request queue to prevent Airtable API quota exhaustion 6. **HTTPS Validation**: Validate that attachment URLs use HTTPS only 7. **Circuit Breaker**: Add circuit breaker pattern for Airtable API failures 8. **Metrics**: Track API usage, error rates, response times ### Low Priority 9. **Audit Logging**: Log all data modifications for compliance 10. **Multi-Base Support**: Support multiple Airtable bases with separate auth 11. **Caching**: Implement schema caching to reduce Metadata API calls 12. **GraphQL Support**: Consider GraphQL interface for complex queries ## Testing Recommendations ### Security Tests to Add ```typescript describe('Formula Injection Protection', () => { it('should escape single quotes', () => { const result = escapeFormulaString("It's working"); expect(result).toBe("It''s working"); }); it('should reject dangerous field names', () => { expect(() => sanitizeFieldName("Field}OR{Evil")).toThrow(); expect(() => sanitizeFieldName("Field\n")).toThrow(); }); }); describe('Input Validation', () => { it('should reject oversized arrays', () => { const input = { fields: Array(101).fill('field') }; expect(() => listRecordsSchema.parse(input)).toThrow(); }); it('should validate record ID format', () => { expect(() => getRecordSchema.parse({ table: 'Test', recordId: 'invalid' })).toThrow(); }); }); ``` ## Deployment Security Checklist Before deploying to production: - [ ] Store API keys in secure secrets manager (not `.env` files) - [ ] Use separate API keys for dev/staging/prod - [ ] Enable API key rotation schedule (90 days) - [ ] Set up monitoring and alerting - [ ] Configure structured logging - [ ] Run `npm audit` and fix any vulnerabilities - [ ] Review Airtable base permissions (use least privilege) - [ ] Set up automated security scanning in CI/CD - [ ] Configure rate limiting if exposing over network - [ ] Enable HTTPS if exposing over network - [ ] Set appropriate file permissions (600 for config files) - [ ] Document incident response plan - [ ] Set up automated backups (if storing critical data) ## Known Limitations 1. **MCP Protocol Security**: Security depends on how Claude Desktop or other MCP clients authenticate users. This server trusts all requests from the MCP client. 2. **No Per-User Authorization**: All requests use the same Airtable API key. No user-level permissions or row-level security. 3. **Custom Formulas**: The `customFormula` condition type accepts raw Airtable formulas. While field names/values in built-in builders are sanitized, custom formulas are passed through as-is. Use with caution. 4. **Field Metadata**: Schema fetching from Metadata API can fail silently. Falls back to empty schema which reduces validation effectiveness. ## Conclusion **Security Grade**: A- (Production Ready with Recommendations) The Airtable MCP Server has been significantly hardened with: - ✅ All critical vulnerabilities fixed - ✅ Comprehensive input validation - ✅ Sanitized error handling - ✅ Complete security documentation - ✅ Zero dependency vulnerabilities **Ready for production** with the recommended additions for logging, monitoring, and testing. ### Next Steps 1. Add unit tests for security functions (2-4 hours) 2. Implement structured logging with Winston (1-2 hours) 3. Add API key validation on startup (30 minutes) 4. Set up CI/CD with security scanning (2-3 hours) 5. Deploy to production with secrets manager --- **Auditor Notes**: This audit covered code security, input validation, error handling, and documentation. Does not include infrastructure security, network security, or compliance requirements (GDPR, SOC2, etc.). **Contact**: For questions about this audit, please contact the development team.

Loading blob content...

Latest Blog Posts

Don't Use Large Strings as Cache Keys
By punkpeye on January 11, 2026.
markdown
node-js
cache
What are Claude Skills?
By punkpeye on January 10, 2026.
mcp
skills
How to Test MCP Streamable HTTP Endpoints Using cURL
By punkpeye on January 2, 2026.
tutorial
bash

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/jordan-huffman/airtable-mcp-server'

If you have feedback or need assistance with the MCP directory API, please join our Discord server

SECURITY_AUDIT_SUMMARY.md•11.2 kB