name: Security Vulnerability
description: Report a security vulnerability (please use the bug template for non-security issues)
title: "[SECURITY] "
labels:
  - security
  - needs-triage
body:
  - type: markdown
    attributes:
      value: |
        **Important**
        Please do **not** disclose sensitive details publicly until we coordinate a fix. For urgent issues, also email `samer.farida@yahoo.com` as documented in `SECURITY.md`.
  - type: dropdown
    id: severity
    attributes:
      label: Severity assessment
      options:
        - Critical (RCE, privilege escalation, data breach)
        - High (auth bypass, unauthorized access, data exposure)
        - Medium (information disclosure, DoS)
        - Low (hardening opportunity)
  - type: textarea
    id: description
    attributes:
      label: Vulnerability description
      description: Provide a concise description of the issue.
    validations:
      required: true
  - type: textarea
    id: affected-version
    attributes:
      label: Affected version / environment
      description: Include commit SHA or tag, Docker vs local venv, MCP client, etc.
      placeholder: |
        Version: v1.0.0
        Environment: Docker
        MCP client: Cursor
    validations:
      required: true
  - type: checkboxes
    id: components
    attributes:
      label: Affected components
      options:
        - label: SSH client implementation
        - label: Policy engine
        - label: Configuration handling
        - label: Docker container
        - label: MCP protocol handling
        - label: Other (describe below)
  - type: textarea
    id: reproduction
    attributes:
      label: Steps to reproduce
      description: Include vulnerable configuration, commands, and observed behavior.
      placeholder: |
        1. Configure ...
        2. Call `ssh_run ...`
        3. Observe ...
    validations:
      required: true
  - type: textarea
    id: impact
    attributes:
      label: Impact
      description: What data/systems could be affected? What attack vectors exist?
  - type: textarea
    id: suggested-fix
    attributes:
      label: Suggested fix (optional)
      description: Share mitigation ideas if you have them.
  - type: checkboxes
    id: disclosure
    attributes:
      label: Responsible disclosure
      options:
        - label: I will not publicly disclose details until a fix is available.
          required: true
        - label: I agree to coordinate disclosure with the maintainers.
        - label: I have not shared this information publicly.
        - label: I reviewed `SECURITY.md` and emailed `samer.farida@yahoo.com` if urgent.
  - type: textarea
    id: contact
    attributes:
      label: Contact information
      description: Provide a secure way to reach you (email, PGP link, etc.).
  - type: textarea
    id: additional
    attributes:
      label: Additional context
      description: Anything else we should know? (Keep it factual—describe current behavior only.)