Security fixes are accepted for the current source release on the default branch.
| Version | Supported |
|---|---|
| 1.x | Yes |
| < 1.0.0 | No |
Please report security issues privately instead of opening a public issue when the report includes an exploitable path, sensitive repository data, or a bypass of the intended read-oriented trust model.
Use one of these channels:
- GitHub private vulnerability reporting, if enabled for this repository.
- A direct maintainer contact channel listed on the maintainer GitHub profile.
Please include:
- A short summary of the issue.
- Affected version or commit.
- Reproduction steps.
- Expected impact.
- Whether the issue requires a malicious repository, malicious tool input, or only normal maintainer use.
The maintainer will acknowledge valid reports as soon as practical and will coordinate a fix before public disclosure when the impact justifies it.
MCP Git Enhanced is a local repository inspection tool. It is designed to help AI assistants read and summarize Git state, not mutate repositories.
Current safety boundaries:
- Tool handlers execute fixed Git commands with `spawnSync`.
- Commands are invoked without shell interpolation.
- The server does not expose branch deletion, checkout, reset, rebase, merge, commit, push, or force-push tools.
- `repoPath` must point to a Git repository.
Known limitations:
- Git itself may execute repository-local hooks or filters in some workflows. Run this server only against repositories you trust.
- Large diffs and logs may expose sensitive local changes to the connected MCP client.
- The server does not redact secrets from Git output.
High-priority review areas for future contributions:
- Path handling and repository validation.
- Git argument construction.
- Output size limits and timeout behavior.
- Secret exposure risks in diffs, logs, and commit output.
- Any proposed mutating Git tool.