PAL MCP is an open-source Model Context Protocol (MCP) server that acts as middleware between AI clients (Claude Code, Codex CLI, Cursor, etc.) and various AI model providers.

Please understand the following:

• No Warranty: This software is provided "AS IS" under the Apache 2.0 License, without warranties of any kind. See the LICENSE file for full terms.
• User Responsibility: The AI client (not PAL MCP) controls tool invocations and workflows. Users are responsible for reviewing AI-generated outputs and actions.
• API Key Security: You are responsible for securing your own API keys. Never commit keys to version control or share them publicly.
• Third-Party Services: PAL MCP connects to external AI providers (Google, OpenAI, Azure, etc.). Their terms of service and privacy policies apply to data sent through this server.

Please do not report security vulnerabilities through public GitHub issues.

Use GitHub Security Advisories to report vulnerabilities privately.

• Description of the vulnerability
• Steps to reproduce
• Affected versions
• Potential impact
• Suggested fix (optional)

• We will acknowledge your report and assess the issue
• Critical issues will be prioritized
• We'll keep you informed of progress as work proceeds

We cannot commit to specific response timelines, but we take security seriously.

We welcome security researchers to submit a pull request with the fix. This is an open-source project and we appreciate community contributions to improve security.

We practice coordinated disclosure. Please allow reasonable time to address issues before public disclosure. We'll work with you on timing.

• Authentication/authorization bypasses
• Injection vulnerabilities (command injection, prompt injection with security impact)
• Information disclosure (API keys, sensitive data leakage)
• Denial of service vulnerabilities in the MCP server itself
• Dependency vulnerabilities with exploitable impact

• Issues in upstream AI providers (report to Google, OpenAI, etc. directly)
• Issues in AI client software (report to Anthropic, OpenAI, Cursor, etc.)
• AI model behavior or outputs (this is controlled by the AI client and model providers)
• Social engineering attacks
• Rate limiting or resource exhaustion on third-party APIs

1. Protect API Keys: Store keys in .env files (gitignored) or environment variables
2. Review AI Actions: Always review AI-suggested code changes before applying
3. Use Local Models: For sensitive codebases, consider using Ollama with local models
4. Network Security: When self-hosting, ensure appropriate network controls
5. Keep Updated: Regularly update to the latest version for security fixes

We appreciate responsible disclosure and will credit security researchers in release notes (unless you prefer anonymity).