Epic: MCP security hardening #623
Description
Summary
MCP server commands from config are executed without validation. Config tampering leads to arbitrary code execution.
Child Issues
- Validate MCP server command against allowlist #651 Validate MCP server command against allowlist
- Restrict MCP env var injection to safe subset #652 Restrict MCP env var injection to safe subset