This document outlines security best practices for using the isolated-pymcp environment.
The project has been updated to use GitHub Secrets for sensitive API keys:
-
Setup GitHub Secrets
- Run the script:
./setup_secrets.sh - This will create placeholders for required secrets
- Update secrets with real values:
gh secret edit GH_PATandgh secret edit ANTHROPIC_API_KEY
- Run the script:
-
Local Development
- Run
make check-secretsbefore starting containers - This automatically fetches secrets from GitHub and creates a local .env file
- Run
- DO NOT commit
.envfiles to the repository - DO NOT hardcode API keys in scripts or code
- DO NOT expose API keys in logs or output
All container ports are now bound to localhost only (127.0.0.1) to prevent external access:
- Services are available only from the local machine
- No external network exposure
Container resource limits have been added:
- Memory: 1GB
- CPU: 2 cores
- All processes in the container run as the non-root user 'mcp'
- Mount points and file permissions are properly secured
Scripts now implement proper input validation:
- Algorithm names must match the pattern
^[a-zA-Z0-9_]+$ - Path traversal protection in file access
- Command injection protection for user inputs
While HTTP is used for local MCP servers, consider these additional security measures:
- Minimize sensitive data transmission
- Treat all inputs as untrusted
- Apply appropriate access controls
When installing new components, avoid these insecure patterns:
- Do not use
curl | bashpatterns - Always download scripts first, then verify before executing
- Use checksums to verify downloaded files
If you discover a security vulnerability, please report it to:
- Email: security@defrecord.com
- Or create a GitHub issue with the label "security"
Keep your environment secure:
- Regularly update base images
- Check for dependency updates
- Subscribe to security advisories for key components