crewAI/lib
Devin AI 394a6df835 feat: add command allowlist validation for MCP stdio transport
Addresses #5080 - adds an optional allowed_commands parameter to
StdioTransport that validates commands against an allowlist before
spawning subprocesses.

- Add DEFAULT_ALLOWED_COMMANDS frozenset (python, python3, node, npx, uvx, deno)
- Add allowed_commands parameter to StdioTransport.__init__ with validation
- Add allowed_commands field to MCPServerStdio config model
- Forward allowed_commands through MCPToolResolver._create_transport
- Export DEFAULT_ALLOWED_COMMANDS from transports __init__.py
- Add 29 tests covering allowlist validation, opt-out, custom lists, and integration

Co-Authored-By: João <joao@crewai.com>
2026-03-25 16:34:33 +00:00