From e264523d7504fcaa2f406948df3043fe665f2591 Mon Sep 17 00:00:00 2001
From: FailSafe Researcher
Date: Tue, 9 Jun 2026 20:23:15 -0700
Subject: [PATCH] fix: require API key auth for /custom-mcp endpoint to prevent unauthenticated RCE
Signed-off-by: FailSafe Researcher
---
 src/ii_server/mcp/server.py | 7 +++++++
 1 file changed, 7 insertions(+)
diff --git a/src/ii_server/mcp/server.py b/src/ii_server/mcp/server.py
index b6d9ac44f..2bdc0fd50 100644
--- a/src/ii_server/mcp/server.py
+++ b/src/ii_server/mcp/server.py
@@ -74,6 +74,13 @@ async def add_mcp_config(request):
     config = await request.json()
     if not config:
         return JSONResponse({"error": "Invalid request"}, status_code=400)
+
+    # Require API key authentication for MCP config registration
+    api_key = request.headers.get("X-API-Key") or request.query_params.get("api_key")
+    expected_key = os.getenv("MCP_API_KEY")
+    if not expected_key or api_key != expected_key:
+        return JSONResponse({"error": "Unauthorized"}, status_code=401)
+
     mcp_servers = config.get("mcpServers", {})
     for server_name, server_conf in mcp_servers.items():
         single_config = {"mcpServers": {server_name: server_conf}}
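Review bot: The new check runs after `await request.json()`, so an unauthenticated caller still has the request body read and parsed before being rejected, and `api_key != expected_key` is a plain string comparison; move the authentication above the body read and compare with `hmac.compare_digest` (add `import hmac` to the file's import block, and confirm `os` is already imported there, since the hunk does not show it). Accepting the key via `?api_key=` also places the secret in access logs, proxy logs and browser history; consider accepting only the `X-API-Key` header, which is what the rewrite below does. A comment such as `# Authenticate before reading the body so unauthenticated callers cannot drive JSON parsing` would make the ordering intentional for the next maintainer. add_mcp_config starts above the hunk and its body continues below it.
```python
async def add_mcp_config(request):
    # Authenticate before reading the body so unauthenticated callers cannot drive JSON parsing
    api_key = request.headers.get("X-API-Key")
    expected_key = os.getenv("MCP_API_KEY")
    if not expected_key or not api_key or not hmac.compare_digest(api_key, expected_key):
        return JSONResponse({"error": "Unauthorized"}, status_code=401)

    config = await request.json()
    # … unchanged: empty-config check and mcpServers loop …
```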