Merge pull request #12 from dataplat/development

ClaudioESSilva · web-flow · commit 04998ceb86b4 · 2026-04-01T11:59:46.000+01:00
Bump dependencies and enhance security measures
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,7 +1,7 @@
 {
   "name": "dbatools-mcp-server",
   "mcpName": "io.github.dataplat/dbatools-mcp-server",
-  "version": "0.3.0",
+  "version": "0.4.0",
   "description": "MCP server for dbatools — exposes SQL Server management commands as MCP tools",
   "keywords": [
     "dbatools",
@@ -32,7 +32,7 @@
     "test": "node --experimental-vm-modules node_modules/.bin/jest --passWithNoTests"
   },
   "dependencies": {
-    "@modelcontextprotocol/sdk": "^1.10.0",
+    "@modelcontextprotocol/sdk": "^1.29.0",
     "zod": "^3.24.0"
   },
   "devDependencies": {
diff --git a/server.json b/server.json
@@ -6,7 +6,7 @@
     "url": "https://github.com/dataplat/dbatools-mcp-server",
     "source": "github"
   },
-  "version": "0.3.0",
+  "version": "0.4.0",
   "icons": [
     {
       "src": "https://dbatools.io/thor.png",
@@ -17,7 +17,7 @@
     {
       "registryType": "npm",
       "identifier": "dbatools-mcp-server",
-      "version": "0.3.0",
+      "version": "0.4.0",
       "transport": {
         "type": "stdio"
       },
diff --git a/src/powershell.ts b/src/powershell.ts
@@ -44,6 +44,11 @@ export function runPowerShell(
   config: ServerConfig
 ): Promise<PowerShellResult> {
   return new Promise((resolve, reject) => {
+    // Encode the script as Base64 UTF-16LE and use -EncodedCommand so that
+    // no part of the script (including any user-supplied parameter values
+    // embedded in it) is ever parsed as a command-line argument by PowerShell.
+    // This eliminates the command-injection risk present with -Command.
+    const encodedCommand = Buffer.from(script, "utf16le").toString("base64");
     const pwsh = spawn(
       config.powershellExe,
       [
@@ -52,8 +57,8 @@ export function runPowerShell(
         "-NoLogo",
         "-ExecutionPolicy",
         "Bypass",
-        "-Command",
-        script,
+        "-EncodedCommand",
+        encodedCommand,
       ],
       { shell: false }
     );
diff --git a/src/server.ts b/src/server.ts
@@ -33,7 +33,7 @@ async function getVersionState(): Promise<VersionMismatchResult> {
 
 const server = new McpServer({
   name: "dbatools-mcp-server",
-  version: "0.1.0",
+  version: "0.4.0",
 });
 
 // ---------------------------------------------------------------------------
@@ -208,7 +208,7 @@ server.tool(
 // ---------------------------------------------------------------------------
 server.tool(
   "invoke_dbatools_command",
-  "Execute a dbatools command via PowerShell and return structured JSON output. Non-readonly commands require confirm:true when safe mode is enabled.",
+  "Execute a dbatools command via PowerShell and return structured JSON output.\n\nSAFETY: For any destructive or change command (Remove, Drop, Disable, Reset, etc.), always explain the consequences to the user and ask for explicit confirmation before running. Only proceed with confirm:true if the user has clearly confirmed their intent. Respect DBATOOLS_SAFE_MODE: never bypass safety checks. For any command that modifies or deletes data, double-check with the user before proceeding. Show the exact command and output for transparency. Non-readonly commands require confirm:true when safe mode is enabled.",
   {
     commandName: z
       .string()
