github · mcp-serverHEAD

Evidence

run: |

          docker run -d --name mcp-server --network host \

            keboola/mcp-server:kaibench-test \

            --transport streamable-http --host 0.0.0.0 --port 8000

          echo "Waiting for MCP server..."

          for i in $(seq 1 30); do

            HTTP_CODE=$(curl -s -o /dev/null -w "%{http_code}" http://localhost:8000/mcp 2>/dev/null || true)

Remediation

Bind to 127.0.0.1 for local-only access. If cross-host access is truly required, put the service behind an authenticated reverse proxy rather than exposing it on 0.0.0.0.

Evidence

-e KBC_BRANCH_ID="YOUR_BRANCH_ID_OPTIONAL" \

  keboola/mcp-server:latest \

  --transport streamable-http \

  --host 0.0.0.0

```

> **Note**: The server will use the Streamable HTTP transport and listen on `localhost:8000` for incoming connections at `/mcp`.

Remediation

Bind to 127.0.0.1 for local-only access. If cross-host access is truly required, put the service behind an authenticated reverse proxy rather than exposing it on 0.0.0.0.

Evidence

except Exception as e:

        # Handle other unexpected errors

        LOG.exception(f'[validate_tool_params] Unexpected error: {e}')

        return False, f'Validation error: {str(e)}'

def _prepare_mutator(

Remediation

Log the full exception server-side with a correlation ID; return only {"error_id": id, "message": "internal error"} to the caller. Never enable Flask debug mode in production.

Evidence

description_entry = next(entry for entry in raw_metadata if entry.get('key') == MetadataField.DESCRIPTION)

        return UpdateItemResult(item_id=table_id, success=True, timestamp=description_entry['timestamp'])

    except Exception as e:

        return UpdateItemResult(item_id=table_id, success=False, error=str(e))

async def _update_column_descriptions(

Remediation

Log the full exception server-side with a correlation ID; return only {"error_id": id, "message": "internal error"} to the caller. Never enable Flask debug mode in production.

Evidence

description_entry = next(entry for entry in response if entry.get('key') == MetadataField.DESCRIPTION)

        return UpdateItemResult(item_id=bucket_id, success=True, timestamp=description_entry['timestamp'])

    except Exception as e:

        return UpdateItemResult(item_id=bucket_id, success=False, error=str(e))

async def _update_table_description(client: KeboolaClient, table_id: str, description: str) -> UpdateItemResult:

Remediation

Log the full exception server-side with a correlation ID; return only {"error_id": id, "message": "internal error"} to the caller. Never enable Flask debug mode in production.

Evidence

for t, s in zip(tokens, schemas):

    info = httpx.get(f'{url}/v2/storage/tokens/verify', headers={'X-StorageApi-Token': t}).json()

    name = f'{info[\"owner\"][\"name\"]} ({info[\"owner\"][\"id\"]})'

    ws = httpx.get(f'{url}/v2/storage/branch/default/workspaces', headers={'X-StorageApi-Token': t}).json()

    ok = '✓' if any(w['connection'].get('schema') == s for w in ws) else '✗ MISMATCH'

    print(f'...{t[-4:]} | {name:>40} | {s:>22} | {ok}')

"

Remediation

Pass timeout= on every call: - HTTP: `requests.get(url, timeout=5)`, `httpx.get(url, timeout=5.0)` - Node fetch: `AbortSignal.timeout(5000)` - Subprocess: `subprocess.run(["cmd"], timeout=30, check=True)` Pick a value short enough to fail fast and retry.

Evidence

```typescript

// 1. Fetch CSV from same-origin static file server

const csvText = await fetch('/data/customers.csv').then(r => r.text());

// 2. Register with DuckDB virtual filesystem

await db.registerFileText('customers.csv', csvText);

Remediation

Pass timeout= on every call: - HTTP: `requests.get(url, timeout=5)`, `httpx.get(url, timeout=5.0)` - Node fetch: `AbortSignal.timeout(5000)` - Subprocess: `subprocess.run(["cmd"], timeout=30, check=True)` Pick a value short enough to fail fast and retry.

Evidence

queue_url = base_url.replace('connection.', 'queue.')

    deadline = time.time() + timeout

    while time.time() < deadline:

        resp = httpx.get(f'{queue_url}/jobs/{job_id}', headers={'X-StorageApi-Token': token})

        resp.raise_for_status()

        job = resp.json()

        status = job.get('status')

Remediation

Pass timeout= on every call: - HTTP: `requests.get(url, timeout=5)`, `httpx.get(url, timeout=5.0)` - Node fetch: `AbortSignal.timeout(5000)` - Subprocess: `subprocess.run(["cmd"], timeout=30, check=True)` Pick a value short enough to fail fast and retry.

Evidence

schemas = os.getenv('INTEGTEST_WORKSPACE_SCHEMAS', '').split()

url = os.getenv('INTEGTEST_POOL_STORAGE_API_URL', '')

for t, s in zip(tokens, schemas):

    info = httpx.get(f'{url}/v2/storage/tokens/verify', headers={'X-StorageApi-Token': t}).json()

    name = f'{info[\"owner\"][\"name\"]} ({info[\"owner\"][\"id\"]})'

    ws = httpx.get(f'{url}/v2/storage/branch/default/workspaces', headers={'X-StorageApi-Token': t}).json()

    ok = '✓' if any(w['connection'].get('schema') == s for w in ws) else 

Remediation

Pass timeout= on every call: - HTTP: `requests.get(url, timeout=5)`, `httpx.get(url, timeout=5.0)` - Node fetch: `AbortSignal.timeout(5000)` - Subprocess: `subprocess.run(["cmd"], timeout=30, check=True)` Pick a value short enough to fail fast and retry.

Evidence

op: Literal['remove_code']

    block_id: str = Field(description='The ID of the block to remove the code from')

    code_id: str = Field(description='The ID of the code to remove')

class TfRenameCode(BaseModel, frozen=True):

Remediation

Shape the schema to the tool's actual intent: - Zod: chain `.enum([...])`, `.regex(/.../)`, or `.max(n)`; prefer `z.enum([...])` or `z.literal(...)` when the value set is small. - Pydantic: use `Literal["a", "b"]` or `Field(max_length=..., pattern=r"...")`. - JSON Schema: add `"enum"`, `"pattern"`, or `"maxLength"` to the property. An overbroad schema is an "overpowered tool" — the model has nothing to prevent it from calling the tool with input far beyond what the tool's prose contract

Evidence

description='The description of the project.',

    )

    organization_id: str | int = Field(description='The ID of the organization this project belongs to.')

    sql_dialect: str = Field(description='The sql dialect used in the project.')

    conditional_flows: bool = Field(description='Whether the project supports conditional flows.')

    links: list[Link] = Field(description='The links relevant to the project.')

    branch_id: str | int = Field(

Remediation

Shape the schema to the tool's actual intent: - Zod: chain `.enum([...])`, `.regex(/.../)`, or `.max(n)`; prefer `z.enum([...])` or `z.literal(...)` when the value set is small. - Pydantic: use `Literal["a", "b"]` or `Field(max_length=..., pattern=r"...")`. - JSON Schema: add `"enum"`, `"pattern"`, or `"maxLength"` to the property. An overbroad schema is an "overpowered tool" — the model has nothing to prevent it from calling the tool with input far beyond what the tool's prose contract

Evidence

type: URLType = Field(..., description='The type of the URL.')

    title: str = Field(..., description='The name of the URL.')

    url: str = Field(..., description='The URL.')

    @classmethod

    def detail(cls, title: str, url: str) -> 'Link':

Remediation

Shape the schema to the tool's actual intent: - Zod: chain `.enum([...])`, `.regex(/.../)`, or `.max(n)`; prefer `z.enum([...])` or `z.literal(...)` when the value set is small. - Pydantic: use `Literal["a", "b"]` or `Field(max_length=..., pattern=r"...")`. - JSON Schema: add `"enum"`, `"pattern"`, or `"maxLength"` to the property. An overbroad schema is an "overpowered tool" — the model has nothing to prevent it from calling the tool with input far beyond what the tool's prose contract

Evidence

op: Literal['rename_code']

    block_id: str = Field(description='The ID of the block to rename the code in')

    code_id: str = Field(description='The ID of the code to rename')

    code_name: str = Field(description='The new name of the code')

class TfSetCode(BaseModel, frozen=True):

Remediation

Shape the schema to the tool's actual intent: - Zod: chain `.enum([...])`, `.regex(/.../)`, or `.max(n)`; prefer `z.enum([...])` or `z.literal(...)` when the value set is small. - Pydantic: use `Literal["a", "b"]` or `Field(max_length=..., pattern=r"...")`. - JSON Schema: add `"enum"`, `"pattern"`, or `"maxLength"` to the property. An overbroad schema is an "overpowered tool" — the model has nothing to prevent it from calling the tool with input far beyond what the tool's prose contract

Evidence

}

                    }

                  },

                  "query": {

                    "type": "string",

                    "description": "Query to filter files, deprecated, use any of 'changed_since', 'file_ids', 'source.tags' instead."

                  },

                  "limit": {

                    "type": "integer",

                    "description": "Limit number of files"

Remediation

Shape the schema to the tool's actual intent: - Zod: chain `.enum([...])`, `.regex(/.../)`, or `.max(n)`; prefer `z.enum([...])` or `z.literal(...)` when the value set is small. - Pydantic: use `Literal["a", "b"]` or `Field(max_length=..., pattern=r"...")`. - JSON Schema: add `"enum"`, `"pattern"`, or `"maxLength"` to the property. An overbroad schema is an "overpowered tool" — the model has nothing to prevent it from calling the tool with input far beyond what the tool's prose contract

Evidence

def _make_endpoint(

    url: str = 'https://connection.keboola.com',

    token: str = 'test-token',

    schema: str = 'WORKSPACE_TEST',

    project_id: str = 'proj-001',

Remediation

Shape the schema to the tool's actual intent: - Zod: chain `.enum([...])`, `.regex(/.../)`, or `.max(n)`; prefer `z.enum([...])` or `z.literal(...)` when the value set is small. - Pydantic: use `Literal["a", "b"]` or `Field(max_length=..., pattern=r"...")`. - JSON Schema: add `"enum"`, `"pattern"`, or `"maxLength"` to the property. An overbroad schema is an "overpowered tool" — the model has nothing to prevent it from calling the tool with input far beyond what the tool's prose contract

Evidence

"""Replace a substring in a string parameter."""

    op: Literal['str_replace']

    path: str = Field(description='JSONPath to the parameter key to modify')

    search_for: str = Field(description='Substring to search for (non-empty)')

    replace_with: str = Field(description='Replacement string (can be empty for deletion)')

Remediation

Shape the schema to the tool's actual intent: - Zod: chain `.enum([...])`, `.regex(/.../)`, or `.max(n)`; prefer `z.enum([...])` or `z.literal(...)` when the value set is small. - Pydantic: use `Literal["a", "b"]` or `Field(max_length=..., pattern=r"...")`. - JSON Schema: add `"enum"`, `"pattern"`, or `"maxLength"` to the property. An overbroad schema is an "overpowered tool" — the model has nothing to prevent it from calling the tool with input far beyond what the tool's prose contract

Evidence

op: Literal['add_script']

    block_id: str = Field(description='The ID of the block to add the script to')

    code_id: str = Field(description='The ID of the code to add the script to')

    script: str = Field(description='The SQL script to add')

    position: TfPosition = Field(description='The position of the script to add', default='end')

Remediation

Shape the schema to the tool's actual intent: - Zod: chain `.enum([...])`, `.regex(/.../)`, or `.max(n)`; prefer `z.enum([...])` or `z.literal(...)` when the value set is small. - Pydantic: use `Literal["a", "b"]` or `Field(max_length=..., pattern=r"...")`. - JSON Schema: add `"enum"`, `"pattern"`, or `"maxLength"` to the property. An overbroad schema is an "overpowered tool" — the model has nothing to prevent it from calling the tool with input far beyond what the tool's prose contract

Evidence

class QueryDataOutput(BaseModel):

    """Output model for SQL query results."""

    query_name: str = Field(description='The name of the executed query')

    csv_data: str = Field(description='The retrieved data in CSV format')

    message: str | None = Field(default=None, description='A message from the query execution')

Remediation

Shape the schema to the tool's actual intent: - Zod: chain `.enum([...])`, `.regex(/.../)`, or `.max(n)`; prefer `z.enum([...])` or `z.literal(...)` when the value set is small. - Pydantic: use `Literal["a", "b"]` or `Field(max_length=..., pattern=r"...")`. - JSON Schema: add `"enum"`, `"pattern"`, or `"maxLength"` to the property. An overbroad schema is an "overpowered tool" — the model has nothing to prevent it from calling the tool with input far beyond what the tool's prose contract

Evidence

class JobDetail(JobListItem):

    """Represents a detailed job with all available information."""

    url: str = Field(description='The URL of the job.')

    config_data: Optional[dict[str, Any]] = Field(

        description='The data of the configuration.',

Remediation

Shape the schema to the tool's actual intent: - Zod: chain `.enum([...])`, `.regex(/.../)`, or `.max(n)`; prefer `z.enum([...])` or `z.literal(...)` when the value set is small. - Pydantic: use `Literal["a", "b"]` or `Field(max_length=..., pattern=r"...")`. - JSON Schema: add `"enum"`, `"pattern"`, or `"maxLength"` to the property. An overbroad schema is an "overpowered tool" — the model has nothing to prevent it from calling the tool with input far beyond what the tool's prose contract

Evidence

op: Literal['rename_code']

    block_id: str = Field(description='The ID of the block to rename the code in')

    code_id: str = Field(description='The ID of the code to rename')

    code_name: str = Field(description='The new name of the code')

Remediation

Shape the schema to the tool's actual intent: - Zod: chain `.enum([...])`, `.regex(/.../)`, or `.max(n)`; prefer `z.enum([...])` or `z.literal(...)` when the value set is small. - Pydantic: use `Literal["a", "b"]` or `Field(max_length=..., pattern=r"...")`. - JSON Schema: add `"enum"`, `"pattern"`, or `"maxLength"` to the property. An overbroad schema is an "overpowered tool" — the model has nothing to prevent it from calling the tool with input far beyond what the tool's prose contract

Evidence

id: str = Field(description='Metric UUID.')

    name: str = Field(description='Metric name.')

    description: str = Field(description='Metric description.')

    sql: str = Field(description='Metric SQL expression.')

    dataset: str = Field(description='Source dataset table ID.')

    @classmethod

Remediation

Shape the schema to the tool's actual intent: - Zod: chain `.enum([...])`, `.regex(/.../)`, or `.max(n)`; prefer `z.enum([...])` or `z.literal(...)` when the value set is small. - Pydantic: use `Literal["a", "b"]` or `Field(max_length=..., pattern=r"...")`. - JSON Schema: add `"enum"`, `"pattern"`, or `"maxLength"` to the property. An overbroad schema is an "overpowered tool" — the model has nothing to prevent it from calling the tool with input far beyond what the tool's prose contract

Evidence

op: Literal['add_script']

    block_id: str = Field(description='The ID of the block to add the script to')

    code_id: str = Field(description='The ID of the code to add the script to')

    script: str = Field(description='The SQL script to add')

    position: TfPosition = Field(description='The position of the script to add', default='end')

Remediation

Shape the schema to the tool's actual intent: - Zod: chain `.enum([...])`, `.regex(/.../)`, or `.max(n)`; prefer `z.enum([...])` or `z.literal(...)` when the value set is small. - Pydantic: use `Literal["a", "b"]` or `Field(max_length=..., pattern=r"...")`. - JSON Schema: add `"enum"`, `"pattern"`, or `"maxLength"` to the property. An overbroad schema is an "overpowered tool" — the model has nothing to prevent it from calling the tool with input far beyond what the tool's prose contract

Evidence

{

                    "if": {

                      "properties": {

                        "query": { "type": "string" }

                      }

                    },

                    "then": {

Remediation

Shape the schema to the tool's actual intent: - Zod: chain `.enum([...])`, `.regex(/.../)`, or `.max(n)`; prefer `z.enum([...])` or `z.literal(...)` when the value set is small. - Pydantic: use `Literal["a", "b"]` or `Field(max_length=..., pattern=r"...")`. - JSON Schema: add `"enum"`, `"pattern"`, or `"maxLength"` to the property. An overbroad schema is an "overpowered tool" — the model has nothing to prevent it from calling the tool with input far beyond what the tool's prose contract

Evidence

"""The code block for the transformation block."""

            name: str = Field(description='A descriptive name for the code block')

            script: str = Field(description='The SQL script of the code block')

            async def to_raw_code(self) -> TransformationConfiguration.Parameters.Block.Code:

                # Avoid circular import

Remediation

Shape the schema to the tool's actual intent: - Zod: chain `.enum([...])`, `.regex(/.../)`, or `.max(n)`; prefer `z.enum([...])` or `z.literal(...)` when the value set is small. - Pydantic: use `Literal["a", "b"]` or `Field(max_length=..., pattern=r"...")`. - JSON Schema: add `"enum"`, `"pattern"`, or `"maxLength"` to the property. An overbroad schema is an "overpowered tool" — the model has nothing to prevent it from calling the tool with input far beyond what the tool's prose contract

Evidence

"""Remove a parameter key."""

    op: Literal['remove']

    path: str = Field(description='JSONPath to the parameter key to remove')

class ConfigParamListAppend(BaseModel, frozen=True):

Remediation

Shape the schema to the tool's actual intent: - Zod: chain `.enum([...])`, `.regex(/.../)`, or `.max(n)`; prefer `z.enum([...])` or `z.literal(...)` when the value set is small. - Pydantic: use `Literal["a", "b"]` or `Field(max_length=..., pattern=r"...")`. - JSON Schema: add `"enum"`, `"pattern"`, or `"maxLength"` to the property. An overbroad schema is an "overpowered tool" — the model has nothing to prevent it from calling the tool with input far beyond what the tool's prose contract

Evidence

"""

    op: Literal['set']  # name 'op' inspired by JSON Patch (https://datatracker.ietf.org/doc/html/rfc6902)

    path: str = Field(description='JSONPath to the parameter key to set (e.g., "api_key", "database.host")')

    value: Any = Field(description='New value to set')

Remediation

Shape the schema to the tool's actual intent: - Zod: chain `.enum([...])`, `.regex(/.../)`, or `.max(n)`; prefer `z.enum([...])` or `z.literal(...)` when the value set is small. - Pydantic: use `Literal["a", "b"]` or `Field(max_length=..., pattern=r"...")`. - JSON Schema: add `"enum"`, `"pattern"`, or `"maxLength"` to the property. An overbroad schema is an "overpowered tool" — the model has nothing to prevent it from calling the tool with input far beyond what the tool's prose contract

Evidence

op: Literal['set_code']

    block_id: str = Field(description='The ID of the block to set the code in')

    code_id: str = Field(description='The ID of the code to set')

    script: str = Field(description='The SQL script of the code to set')

class TfAddScript(BaseModel, frozen=True):

Remediation

Shape the schema to the tool's actual intent: - Zod: chain `.enum([...])`, `.regex(/.../)`, or `.max(n)`; prefer `z.enum([...])` or `z.literal(...)` when the value set is small. - Pydantic: use `Literal["a", "b"]` or `Field(max_length=..., pattern=r"...")`. - JSON Schema: add `"enum"`, `"pattern"`, or `"maxLength"` to the property. An overbroad schema is an "overpowered tool" — the model has nothing to prevent it from calling the tool with input far beyond what the tool's prose contract

Evidence

op: Literal['set_code']

    block_id: str = Field(description='The ID of the block to set the code in')

    code_id: str = Field(description='The ID of the code to set')

    script: str = Field(description='The SQL script of the code to set')

Remediation

Shape the schema to the tool's actual intent: - Zod: chain `.enum([...])`, `.regex(/.../)`, or `.max(n)`; prefer `z.enum([...])` or `z.literal(...)` when the value set is small. - Pydantic: use `Literal["a", "b"]` or `Field(max_length=..., pattern=r"...")`. - JSON Schema: add `"enum"`, `"pattern"`, or `"maxLength"` to the property. An overbroad schema is an "overpowered tool" — the model has nothing to prevent it from calling the tool with input far beyond what the tool's prose contract

Evidence

"""Append a value to a list parameter."""

    op: Literal['list_append']

    path: str = Field(description='JSONPath to the list parameter')

    value: Any = Field(description='Value to append to the list')

Remediation

Shape the schema to the tool's actual intent: - Zod: chain `.enum([...])`, `.regex(/.../)`, or `.max(n)`; prefer `z.enum([...])` or `z.literal(...)` when the value set is small. - Pydantic: use `Literal["a", "b"]` or `Field(max_length=..., pattern=r"...")`. - JSON Schema: add `"enum"`, `"pattern"`, or `"maxLength"` to the property. An overbroad schema is an "overpowered tool" — the model has nothing to prevent it from calling the tool with input far beyond what the tool's prose contract

Evidence

uses: docker/setup-buildx-action@v3

      - name: Docker Hub login

        uses: docker/login-action@v3

        with:

          username: keboolabot

          password: ${{ secrets.DOCKERHUB_TOKEN }}

Remediation

Pin every `uses:` to a 40-character commit SHA. Trailing comment with the version helps reviewers: `uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v4.1.1` Automate the migration with `pinact` (https://github.com/suzuki-shunsuke/pinact) or `ratchet` (https://github.com/sethvargo/ratchet). Add a `pinact run --check` pre-commit hook so future PRs stay pinned. Re-pin when the action releases a new version — Dependabot can do this automatically with `version-update-strategy: inc

Evidence

version: ${{ steps.get_package_version.outputs.version }}

      wheel_artifact_id: ${{ steps.wheel_artifact_upload.outputs.artifact-id }}

    steps:

      - uses: actions/checkout@v4

      - name: Set up Python ${{ matrix.python-version }}

        uses: actions/setup-python@v5

Remediation

Pin every `uses:` to a 40-character commit SHA. Trailing comment with the version helps reviewers: `uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v4.1.1` Automate the migration with `pinact` (https://github.com/suzuki-shunsuke/pinact) or `ratchet` (https://github.com/sethvargo/ratchet). Add a `pinact run --check` pre-commit hook so future PRs stay pinned. Re-pin when the action releases a new version — Dependabot can do this automatically with `version-update-strategy: inc

Evidence

# This ensures tests run sequentially, not in parallel

      max-parallel: 1

    steps:

      - uses: actions/checkout@v4

      - name: Set up Python ${{ matrix.python-version }}

        uses: actions/setup-python@v5

Remediation

Pin every `uses:` to a 40-character commit SHA. Trailing comment with the version helps reviewers: `uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v4.1.1` Automate the migration with `pinact` (https://github.com/suzuki-shunsuke/pinact) or `ratchet` (https://github.com/sethvargo/ratchet). Add a `pinact run --check` pre-commit hook so future PRs stay pinned. Re-pin when the action releases a new version — Dependabot can do this automatically with `version-update-strategy: inc

Evidence

password: ${{ secrets.DOCKERHUB_TOKEN }}

      - name: GHCR login

        uses: docker/login-action@v3

        with:

          registry: ghcr.io

          username: ${{ github.actor }}

Remediation

Pin every `uses:` to a 40-character commit SHA. Trailing comment with the version helps reviewers: `uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v4.1.1` Automate the migration with `pinact` (https://github.com/suzuki-shunsuke/pinact) or `ratchet` (https://github.com/sethvargo/ratchet). Add a `pinact run --check` pre-commit hook so future PRs stay pinned. Re-pin when the action releases a new version — Dependabot can do this automatically with `version-update-strategy: inc

Evidence

- uses: actions/checkout@v4

      - name: Set up Python ${{ matrix.python-version }}

        uses: actions/setup-python@v5

        with:

          python-version: ${{ matrix.python-version }}

Remediation

Pin every `uses:` to a 40-character commit SHA. Trailing comment with the version helps reviewers: `uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v4.1.1` Automate the migration with `pinact` (https://github.com/suzuki-shunsuke/pinact) or `ratchet` (https://github.com/sethvargo/ratchet). Add a `pinact run --check` pre-commit hook so future PRs stay pinned. Re-pin when the action releases a new version — Dependabot can do this automatically with `version-update-strategy: inc

Evidence

id: wheel_artifact_upload

        # run this step only for push events or pull requests from the same repo

        if: matrix.python-version == '3.10' && (github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository)

        uses: actions/upload-artifact@v4

        with:

          name: keboola_mcp_server-${{ steps.get_package_version.outputs.version }}-py3-none-any.whl

          path: dist/keboola_mcp_server-${{ steps.get_package_version.outputs.version }}-p

Remediation

Pin every `uses:` to a 40-character commit SHA. Trailing comment with the version helps reviewers: `uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v4.1.1` Automate the migration with `pinact` (https://github.com/suzuki-shunsuke/pinact) or `ratchet` (https://github.com/sethvargo/ratchet). Add a `pinact run --check` pre-commit hook so future PRs stay pinned. Re-pin when the action releases a new version — Dependabot can do this automatically with `version-update-strategy: inc

Evidence

steps:

      - name: Checkout MCP server

        uses: actions/checkout@v4

      - name: Checkout KaiBench

        uses: actions/checkout@v4

Remediation

Pin every `uses:` to a 40-character commit SHA. Trailing comment with the version helps reviewers: `uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v4.1.1` Automate the migration with `pinact` (https://github.com/suzuki-shunsuke/pinact) or `ratchet` (https://github.com/sethvargo/ratchet). Add a `pinact run --check` pre-commit hook so future PRs stay pinned. Re-pin when the action releases a new version — Dependabot can do this automatically with `version-update-strategy: inc

Evidence

needs.build.outputs.tag == format('v{0}', needs.build.outputs.version)

    steps:

      - name: Download wheel package

        uses: actions/download-artifact@v4

        with:

          name: keboola_mcp_server-${{ needs.build.outputs.version }}-py3-none-any.whl

          path: dist/

Remediation

Pin every `uses:` to a 40-character commit SHA. Trailing comment with the version helps reviewers: `uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v4.1.1` Automate the migration with `pinact` (https://github.com/suzuki-shunsuke/pinact) or `ratchet` (https://github.com/sethvargo/ratchet). Add a `pinact run --check` pre-commit hook so future PRs stay pinned. Re-pin when the action releases a new version — Dependabot can do this automatically with `version-update-strategy: inc

Evidence

type=raw,value=canary-orion-${{ github.sha }},enable=${{ (startsWith(github.ref, 'refs/tags/v') || startsWith(github.ref, 'refs/tags/agent-v')) && contains(github.ref, '-dev.') }}

      - name: Docker login

        uses: docker/login-action@v3

        with:

          username: ${{ secrets.DOCKERHUB_PUSH_USER }}

          password: ${{ secrets.DOCKERHUB_PUSH_TOKEN }}

Remediation

Pin every `uses:` to a 40-character commit SHA. Trailing comment with the version helps reviewers: `uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v4.1.1` Automate the migration with `pinact` (https://github.com/suzuki-shunsuke/pinact) or `ratchet` (https://github.com/sethvargo/ratchet). Add a `pinact run --check` pre-commit hook so future PRs stay pinned. Re-pin when the action releases a new version — Dependabot can do this automatically with `version-update-strategy: inc

Evidence

- uses: actions/checkout@v4

      - name: Set up Python ${{ matrix.python-version }}

        uses: actions/setup-python@v5

        with:

          python-version: ${{ matrix.python-version }}

Remediation

Pin every `uses:` to a 40-character commit SHA. Trailing comment with the version helps reviewers: `uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v4.1.1` Automate the migration with `pinact` (https://github.com/suzuki-shunsuke/pinact) or `ratchet` (https://github.com/sethvargo/ratchet). Add a `pinact run --check` pre-commit hook so future PRs stay pinned. Re-pin when the action releases a new version — Dependabot can do this automatically with `version-update-strategy: inc

Evidence

- name: Download previous run artifacts

        if: steps.find-prev-run.outputs.run_id != ''

        uses: actions/download-artifact@v4

        continue-on-error: true

        with:

          pattern: kaibench-results-*

Remediation

Pin every `uses:` to a 40-character commit SHA. Trailing comment with the version helps reviewers: `uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v4.1.1` Automate the migration with `pinact` (https://github.com/suzuki-shunsuke/pinact) or `ratchet` (https://github.com/sethvargo/ratchet). Add a `pinact run --check` pre-commit hook so future PRs stay pinned. Re-pin when the action releases a new version — Dependabot can do this automatically with `version-update-strategy: inc

Evidence

- name: Upload results

        if: always()

        uses: actions/upload-artifact@v4

        with:

          name: kaibench-results-${{ github.run_id }}

          path: kaibench/results/

Remediation

Pin every `uses:` to a 40-character commit SHA. Trailing comment with the version helps reviewers: `uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v4.1.1` Automate the migration with `pinact` (https://github.com/suzuki-shunsuke/pinact) or `ratchet` (https://github.com/sethvargo/ratchet). Add a `pinact run --check` pre-commit hook so future PRs stay pinned. Re-pin when the action releases a new version — Dependabot can do this automatically with `version-update-strategy: inc

Evidence

- name: Extract metadata

        id: meta

        uses: docker/metadata-action@v5

        with:

          images: |

            ${{ env.SERVICE_IMAGE_NAME }}

Remediation

Pin every `uses:` to a 40-character commit SHA. Trailing comment with the version helps reviewers: `uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v4.1.1` Automate the migration with `pinact` (https://github.com/suzuki-shunsuke/pinact) or `ratchet` (https://github.com/sethvargo/ratchet). Add a `pinact run --check` pre-commit hook so future PRs stay pinned. Re-pin when the action releases a new version — Dependabot can do this automatically with `version-update-strategy: inc

Evidence

- name: Upload coverage to Codecov

        # run this step only for push events or pull requests from the same repo

        if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository

        uses: codecov/codecov-action@v5

        with:

          file: ./coverage.xml

          fail_ci_if_error: false

Remediation

Pin every `uses:` to a 40-character commit SHA. Trailing comment with the version helps reviewers: `uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v4.1.1` Automate the migration with `pinact` (https://github.com/suzuki-shunsuke/pinact) or `ratchet` (https://github.com/sethvargo/ratchet). Add a `pinact run --check` pre-commit hook so future PRs stay pinned. Re-pin when the action releases a new version — Dependabot can do this automatically with `version-update-strategy: inc

Evidence

uses: actions/checkout@v4

      - name: Checkout KaiBench

        uses: actions/checkout@v4

        with:

          repository: keboola-rnd/KaiBench

          token: ${{ secrets.KAIBENCH_REPO_TOKEN }}

Remediation

Pin every `uses:` to a 40-character commit SHA. Trailing comment with the version helps reviewers: `uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v4.1.1` Automate the migration with `pinact` (https://github.com/suzuki-shunsuke/pinact) or `ratchet` (https://github.com/sethvargo/ratchet). Add a `pinact run --check` pre-commit hook so future PRs stay pinned. Re-pin when the action releases a new version — Dependabot can do this automatically with `version-update-strategy: inc

Evidence

done

      - name: Setup uv

        uses: astral-sh/setup-uv@v5

      - name: Install Python

        run: uv python install 3.11

Remediation

Pin every `uses:` to a 40-character commit SHA. Trailing comment with the version helps reviewers: `uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v4.1.1` Automate the migration with `pinact` (https://github.com/suzuki-shunsuke/pinact) or `ratchet` (https://github.com/sethvargo/ratchet). Add a `pinact run --check` pre-commit hook so future PRs stay pinned. Re-pin when the action releases a new version — Dependabot can do this automatically with `version-update-strategy: inc

Evidence

path: kaibench

      - name: Set up Docker Buildx

        uses: docker/setup-buildx-action@v3

      - name: Docker Hub login

        uses: docker/login-action@v3

Remediation

Pin every `uses:` to a 40-character commit SHA. Trailing comment with the version helps reviewers: `uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v4.1.1` Automate the migration with `pinact` (https://github.com/suzuki-shunsuke/pinact) or `ratchet` (https://github.com/sethvargo/ratchet). Add a `pinact run --check` pre-commit hook so future PRs stay pinned. Re-pin when the action releases a new version — Dependabot can do this automatically with `version-update-strategy: inc

Evidence

uv run tox

      - name: Publish test results

        uses: dorny/test-reporter@v1

        # run this step even if a previous step failed, but only for push events or pull requests from the same repo

        if: (success() || failure()) && (github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository)

        with:

Remediation

Pin every `uses:` to a 40-character commit SHA. Trailing comment with the version helps reviewers: `uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v4.1.1` Automate the migration with `pinact` (https://github.com/suzuki-shunsuke/pinact) or `ratchet` (https://github.com/sethvargo/ratchet). Add a `pinact run --check` pre-commit hook so future PRs stay pinned. Re-pin when the action releases a new version — Dependabot can do this automatically with `version-update-strategy: inc

Evidence

needs.build.outputs.tag == format('v{0}', needs.build.outputs.version)

    steps:

      - name: Checkout code

        uses: actions/checkout@v4

      - name: Prepare server.json

        run: |

Remediation

Pin every `uses:` to a 40-character commit SHA. Trailing comment with the version helps reviewers: `uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v4.1.1` Automate the migration with `pinact` (https://github.com/suzuki-shunsuke/pinact) or `ratchet` (https://github.com/sethvargo/ratchet). Add a `pinact run --check` pre-commit hook so future PRs stay pinned. Re-pin when the action releases a new version — Dependabot can do this automatically with `version-update-strategy: inc

Evidence

# Build for tests (single-arch, load into daemon)

      - name: Build Docker image

        uses: docker/build-push-action@v6

        with:

          context: .

          file: ./Dockerfile # Explicitly specify the Dockerfile path

Remediation

Pin every `uses:` to a 40-character commit SHA. Trailing comment with the version helps reviewers: `uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v4.1.1` Automate the migration with `pinact` (https://github.com/suzuki-shunsuke/pinact) or `ratchet` (https://github.com/sethvargo/ratchet). Add a `pinact run --check` pre-commit hook so future PRs stay pinned. Re-pin when the action releases a new version — Dependabot can do this automatically with `version-update-strategy: inc

Evidence

echo "Dependencies installed successfully - setup is working correctly"

      - name: Publish integration test results

        uses: dorny/test-reporter@v1

        # publish results only when actual tests were run (same repository)

        if: (always()) && github.repository == github.event.repository.full_name

        with:

Remediation

Pin every `uses:` to a 40-character commit SHA. Trailing comment with the version helps reviewers: `uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v4.1.1` Automate the migration with `pinact` (https://github.com/suzuki-shunsuke/pinact) or `ratchet` (https://github.com/sethvargo/ratchet). Add a `pinact run --check` pre-commit hook so future PRs stay pinned. Re-pin when the action releases a new version — Dependabot can do this automatically with `version-update-strategy: inc

Evidence

uses: actions/checkout@v4

      - name: Set up Docker Buildx

        uses: docker/setup-buildx-action@v3

      - name: Extract metadata

        id: meta

Remediation

Pin every `uses:` to a 40-character commit SHA. Trailing comment with the version helps reviewers: `uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v4.1.1` Automate the migration with `pinact` (https://github.com/suzuki-shunsuke/pinact) or `ratchet` (https://github.com/sethvargo/ratchet). Add a `pinact run --check` pre-commit hook so future PRs stay pinned. Re-pin when the action releases a new version — Dependabot can do this automatically with `version-update-strategy: inc

Evidence

password: ${{ secrets.GITHUB_TOKEN }}

      - name: Build MCP server from branch

        uses: docker/build-push-action@v6

        with:

          load: true

          tags: keboola/mcp-server:kaibench-test

Remediation

Pin every `uses:` to a 40-character commit SHA. Trailing comment with the version helps reviewers: `uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v4.1.1` Automate the migration with `pinact` (https://github.com/suzuki-shunsuke/pinact) or `ratchet` (https://github.com/sethvargo/ratchet). Add a `pinact run --check` pre-commit hook so future PRs stay pinned. Re-pin when the action releases a new version — Dependabot can do this automatically with `version-update-strategy: inc

Evidence

# Push multi-arch image (no load)

      - name: Push Docker image

        uses: docker/build-push-action@v6

        with:

          context: .

          file: ./Dockerfile

Remediation

Pin every `uses:` to a 40-character commit SHA. Trailing comment with the version helps reviewers: `uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v4.1.1` Automate the migration with `pinact` (https://github.com/suzuki-shunsuke/pinact) or `ratchet` (https://github.com/sethvargo/ratchet). Add a `pinact run --check` pre-commit hook so future PRs stay pinned. Re-pin when the action releases a new version — Dependabot can do this automatically with `version-update-strategy: inc

Evidence

steps:

      - name: Checkout repository

        uses: actions/checkout@v4

      - name: Set up Docker Buildx

        uses: docker/setup-buildx-action@v3

Remediation

Pin every `uses:` to a 40-character commit SHA. Trailing comment with the version helps reviewers: `uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v4.1.1` Automate the migration with `pinact` (https://github.com/suzuki-shunsuke/pinact) or `ratchet` (https://github.com/sethvargo/ratchet). Add a `pinact run --check` pre-commit hook so future PRs stay pinned. Re-pin when the action releases a new version — Dependabot can do this automatically with `version-update-strategy: inc

Evidence

unique = uuid.uuid4().hex

        tool_func = getattr(self, tool_name)

        try:

            await tool_func(unique, mcp_context)

        except ValueError:

            pass  # ignore

        await asyncio.sleep(1)  # give SAPI time to digest the event

        client = KeboolaClient.from_state(mcp_context.session.state)

Remediation

Log the exception at minimum (`logger.exception(e)`), emit a metric, or re-raise if the error is not recoverable. If you genuinely want to ignore an exception, say so with a comment.

Evidence

except ValueError:

                try:

                    if response.text:

                        message_parts.append(f'API error: {response.text}')

                except Exception:

                    pass  # should never get here

            raise httpx.HTTPStatusError('\n'.join(message_parts), request=response.request, response=response) from e

Remediation

Log the exception at minimum (`logger.exception(e)`), emit a metric, or re-raise if the error is not recoverable. If you genuinely want to ignore an exception, say so with a comment.