| Version | Supported |
|---|---|
| 5.7.x | ✅ |
| 5.6.x | ✅ |
| 5.5.x | ✅ |
| 5.4.x | ✅ |
| 5.3.x | ✅ |
| 5.2.x | ✅ |
| 5.1.x | ✅ |
| 5.0.x | ✅ |
| 4.7.x | ✅ |
| 4.6.x | ✅ |
| 4.5.x | ✅ |
| 4.4.x | ✅ |
| 4.3.x | ✅ |
| 4.2.x | ✅ (4.2.1 includes security hardening) |
| 4.1.x | ✅ |
| 4.0.x | ✅ |
| 3.1.x | ✅ |
| 3.0.x | ❌ |
| 2.0.x | ❌ |
| < 2.0 | ❌ |
If you discover a security vulnerability in rails-ai-context, please report it responsibly:
- Do NOT open a public GitHub issue.
- Email crisjosephnahine@gmail.com with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- You will receive a response within 48 hours.
- A fix will be released as a patch version as soon as possible.
- All 38 MCP tools are read-only and never modify your application or database.
- Sensitive file blocking - configurable
sensitive_patternsblocks access to.env,*.key,*.pem,credentials.yml.encacross all search and read tools. Patterns are checked inrails_search_code,rails_get_edit_context, and all new tools. - Path traversal protection - all file-reading tools validate paths with
File.realpath()againstRails.rootto prevent directory escape. - Command injection prevention - code search uses
Open3.capture2with array arguments (never shell strings). The--flag separator prevents pattern injection. - Regex DoS protection - user-supplied regex patterns have 1-2 second timeouts via
Regexp.new(pattern, timeout:). - Credential safety -
rails_get_envonly reads.env.example(never.env), shows credential key names only (never values), and redacts secrets.rails_get_configexposes adapter/framework names, not connection strings. - Brakeman integration - optional
rails_security_scantool runs static security analysis. Graceful degradation if not installed. Users can exclude it viaconfig.skip_tools = %w[rails_security_scan]. - File size limits - all tools enforce configurable
max_file_size(default 5MB) to prevent memory exhaustion on large files. - SQL comment stripping -
rails_querystrips block (/* */), line (--), and MySQL-style (#) comments before validation to prevent keyword hiding. - Regex interpolation safety - all introspectors use
Regexp.escapewhen interpolating model/association names into patterns to prevent regex injection. - Log redaction -
rails_read_logsredacts passwords, tokens, secrets, API keys, cookies, session IDs, emails, and environment variables before output. - Migration input validation -
rails_migration_advisorvalidates table and column names as safe identifiers before generating migration code. - Cache invalidation coverage - Fingerprinter watches
app/components,package.json, andtsconfig.jsonalongside models/controllers/views to prevent stale tool responses. - Fetch size limits -
rails_search_docscaps fetched documentation content at 2MB to prevent memory exhaustion. - The gem makes outbound HTTPS requests only when
rails_search_docsis called withfetch: true(to fetch Rails documentation from GitHub raw content). All other tools are offline.