From a27ec9b9d0c089aac0606e202e659d1e2146cf03 Mon Sep 17 00:00:00 2001
From: Yi LIU <yi@quantstamp.com>
Date: Mon, 16 Feb 2026 15:36:02 +0800
Subject: [PATCH] fix: validate file paths in saveFile to prevent path
 traversal

The saveFile() method accepts user-provided filenames and resolves them
with path.resolve(), but does not validate the resulting path. This
allows writing files to arbitrary locations via absolute paths or ../
sequences.

Add validation to ensure the resolved file path stays within the current
working directory before writing.
---
 src/McpContext.ts | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/McpContext.ts b/src/McpContext.ts
index 6184b1a94..be5f9da57 100644
--- a/src/McpContext.ts
+++ b/src/McpContext.ts
@@ -701,11 +701,17 @@ export class McpContext implements Context {
   ): Promise<{filename: string}> {
     try {
       const filePath = path.resolve(filename);
+      const cwd = process.cwd();
+      if (!filePath.startsWith(cwd + path.sep) && filePath !== cwd) {
+        throw new Error(
+          `File path must be within the current working directory: ${cwd}`,
+        );
+      }
       await fs.writeFile(filePath, data);
       return {filename};
     } catch (err) {
       this.logger(err);
-      throw new Error('Could not save a screenshot to a file', {cause: err});
+      throw new Error('Could not save a file', {cause: err});
     }
   }