
[pull] master from kevoreilly:master #428

Merged: pull[bot] merged 1 commit into threatcode:master from kevoreilly:master on Feb 23, 2026

@pull pull bot commented Feb 23, 2026

See Commits and Changes for more details.


Created by pull[bot] (v2.0.0-alpha.4)

Can you help keep this open source service alive? 💖 Please sponsor : )

* Add MCP server; support selfextracted API

Introduce a FastMCP-based MCP server (web/mcp_server.py) to interact with CAPE via tools for submitting files/URLs, querying tasks, downloading artifacts, and listing machines; add MCP docs (MCP.md) and optional dependency group (pyproject.toml). Add support for downloading "selfextracted" files: new API endpoints and handler (web/apiv2/urls.py, web/apiv2/views.py), default config toggles (conf/default/api.conf.default), and UI entries (web/templates/apiv2/index.html). Implement Windows analyzer reboot persistence/handler (analyzer/windows/analyzer.py) using RunOnce registry key and reboot trigger. Update guest docs with AutoLogon guidance (docs/.../additional_configuration.rst).

* Update poetry.lock

* Update web/apiv2/views.py

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>

* Update analyzer/windows/analyzer.py

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>

* Validate hashes, secure submissions, refactor data

Add input validation and security hardening plus submission data helper.

- MCP.md: update example to run mcp_server via poetry and use /opt/CAPEv2 path.
- web/apiv2/views.py: enforce SHA256 format check when iterating extracted files to skip invalid values.
- web/mcp_server.py: introduce ALLOWED_SUBMISSION_DIR (env var) and enforce files are submitted only from that directory; sanitize filenames from Content-Disposition with os.path.basename; add _build_submission_data helper to normalize/skip empty values and stringify booleans/ints; replace repeated data population with helper calls across submit_file/submit_url/submit_dlnexec/submit_static; narrow JSON parsing exceptions to json.JSONDecodeError and return clearer security violation messages.

* Update mcp_server.py

* Update views.py

* Update views.py

* Add MCP docs and config-driven MCP server

Replace legacy MCP.md with a new docs page (docs/book/src/usage/mcp.rst) and add it to the usage index. Extend conf/default/api.conf.default with per-section mcp = no toggles (defaulting to disabled) so MCP tools can be enabled/disabled via config. Refactor web/mcp_server.py to load CAPE config, derive API URL from api.conf when unset, add CAPE root to sys.path, handle imports gracefully, introduce per-request token support and global auth enforcement, and register MCP tools conditionally based on api.conf mcp flags. Also improve download/submission helpers and add token parameters to most tool endpoints.

* Update mcp_server.py

* Improve MCP auth docs and add auth tools

Revise MCP authentication docs to recommend storing CAPE_API_TOKEN in client config (not global env), add clear Local (stdio) vs Remote (SSE) deployment guidance, and document authentication priority. In web/mcp_server.py import additional web_utils helpers, add a startup warning when token auth is enabled but no default token is set, and expose two new MCP tools: `extendedtasksearch` (returns available advanced search terms/filters/hash types) and `verify_auth` (lightweight token validity check using cuckoo status). These changes improve security guidance and provide runtime helpers for building and validating authenticated requests.

---------

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
@pull pull bot locked and limited conversation to collaborators Feb 23, 2026
@pull pull bot added the ⤵️ pull label Feb 23, 2026
@pull pull bot merged commit 7af8021 into threatcode:master Feb 23, 2026
3 checks passed
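
The commit message above describes three input checks: confining submitted files to ALLOWED_SUBMISSION_DIR, reducing Content-Disposition filenames with os.path.basename, and skipping values that are not SHA256-formatted. The sketch below is an added example, not the code from web/mcp_server.py or web/apiv2/views.py; the function names, the realpath/commonpath containment test and the sample inputs are assumptions constructed for illustration.

```python
import os
import re
import tempfile

SHA256_RE = re.compile(r"[0-9a-fA-F]{64}")

def is_sha256(value):
    """Accept only 64 hex characters; fullmatch also rejects a trailing newline."""
    return isinstance(value, str) and SHA256_RE.fullmatch(value) is not None

def resolve_submission_path(path, allowed_dir):
    """Return the resolved path if it is a file inside allowed_dir, else raise."""
    base = os.path.realpath(allowed_dir)
    # realpath collapses ".." and follows symlinks before the comparison
    real = os.path.realpath(os.path.join(base, path))
    # commonpath compares whole components, so a sibling "<base>-other" does not pass
    if os.path.commonpath([base, real]) != base:
        raise PermissionError(f"security violation: {path!r} is outside the allowed directory")
    if not os.path.isfile(real):
        raise FileNotFoundError(real)
    return real

def safe_download_name(content_disposition, fallback="download.bin"):
    """Extract filename= from a Content-Disposition value and drop directory parts."""
    match = re.search(r'filename="?([^";]+)"?', content_disposition or "")
    if not match:
        return fallback
    # Treat backslashes as separators too, so Windows-style paths are stripped on POSIX
    name = os.path.basename(match.group(1).strip().replace("\\", "/"))
    return name if name not in ("", ".", "..") else fallback

def demo():
    """Run the containment check on constructed paths; returns [True, False, False]."""
    with tempfile.TemporaryDirectory() as root:
        allowed = os.path.join(root, "submit")
        sibling = os.path.join(root, "submit-other")
        for directory in (allowed, sibling):
            os.makedirs(directory)
            with open(os.path.join(directory, "sample.bin"), "wb") as handle:
                handle.write(b"constructed sample")
        candidates = ["sample.bin", "../submit-other/sample.bin", os.path.join(sibling, "sample.bin")]
        outcome = []
        for candidate in candidates:
            try:
                resolve_submission_path(candidate, allowed)
                outcome.append(True)
            except PermissionError:
                outcome.append(False)
        return outcome
```
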