The following versions of the project are currently being supported with security updates:

mcp-sysmon is a powerful system monitoring and administration tool designed to run as an Model Context Protocol (MCP) server. By its nature, it requires elevated privileges to function correctly.

• Privileged Access: This tool is designed to read system logs (/var/log/), inspect Docker containers (including environment variables), and manage systemd services. It likely requires root or specific capabilities (e.g., CAP_DAC_READ_SEARCH, CAP_SYS_ADMIN) to operate.
• Local Trust: The server is intended to be used over secure, local transports (like stdio piped to an LLM host) or secure remote tunnels (SSH). Do not expose this server directly to the public internet or untrusted networks without wrapping it in a strong authentication layer.
• Data Exposure: The tool intentionally exposes system internal details, including logs that may contain PII or other sensitive data, and container configurations that may contain secrets. This is a feature, not a bug.

If you find a security vulnerability that is not described in the "Intended Use" section (e.g., a buffer overflow, arbitrary code execution, or path traversal escaping the intended directories), please report it.

Please report vulnerabilities by opening a GitHub Issue with the tag [SECURITY].