mirror of
https://github.com/modelcontextprotocol/servers.git
synced 2026-04-17 23:53:24 +02:00
9e5d5b8e4b
Add validation to reject arguments starting with '-' and verify arguments resolve to valid git refs via rev_parse before passing to git CLI commands. This prevents flag-like values from being interpreted as command-line options (e.g., --output=/path/to/file). CWE-88: Improper Neutralization of Argument Delimiters in a Command 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-authored-by: Claude <noreply@anthropic.com>