mirror of
https://github.com/modelcontextprotocol/servers.git
synced 2026-04-18 16:23:22 +02:00
a37158bc15
Validate that repo_path arguments in tool calls are within the configured --repository path when the --repository flag is set. The fix: - Adds validate_repo_path() that resolves paths and checks containment using Path.relative_to() - Resolves symlinks before comparison - Maintains backward compatibility when --repository is not set 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: Paul Carleton <paulc@anthropic.com>