From 06c03f8db59acf869e4e91c8c0866b1e73e50a74 Mon Sep 17 00:00:00 2001 From: frouaix Date: Sat, 21 Feb 2026 19:43:53 -0800 Subject: [PATCH 1/2] Add safety disclaimer to README and DMG installer Strongly worded caution banner in README.md covering data risk, model unpredictability, and user responsibility. Matching warning added to INSTALL.txt inside the DMG. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --- README.md | 13 +++++++++++++ scripts/build-dmg.sh | 13 +++++++++++++ 2 files changed, 26 insertions(+) diff --git a/README.md b/README.md index ad4aeea..efd5b95 100644 --- a/README.md +++ b/README.md @@ -2,6 +2,19 @@ A local MCP server that exposes controlled AppleScript automation tools to MCP clients on macOS. +> [!CAUTION] +> **This software can read, create, modify, and delete your personal data** across Notes, Calendar, Reminders, Mail, Contacts, Messages, Photos, Music, Finder, and Safari. +> +> By running this server you are granting an AI model the ability to interact with your macOS applications on your behalf. Although multiple safety layers exist (operation modes, per-app allowlists, destructive-action confirmation), **no automated safeguard is foolproof**. An unexpected prompt, a misconfigured policy, or a model hallucination could result in **data loss, disclosure of private information, or unintended actions** such as sending messages or emails. +> +> **You are solely responsible for:** +> - Reviewing and understanding the [configuration](#configuration) and [policy model](#policy-model) before enabling any app +> - Starting in `readonly` mode and only escalating when you understand the consequences +> - Keeping the number of enabled apps to the minimum you actually need +> - Never running in `full` mode unattended +> +> This project is provided **as-is, with no warranty**. See [LICENSE](LICENSE). + ## Overview MCP-AppleScript provides a secure bridge between the [Model Context Protocol](https://modelcontextprotocol.io/) and macOS automation via AppleScript. It consists of two components: diff --git a/scripts/build-dmg.sh b/scripts/build-dmg.sh index cc91113..fb0c49d 100755 --- a/scripts/build-dmg.sh +++ b/scripts/build-dmg.sh @@ -52,6 +52,19 @@ cat > "$STAGING/INSTALL.txt" <<'INSTALL_EOF' MCP-AppleScript Bridge Server ============================== + ⚠️ WARNING — READ BEFORE USE ⚠️ + + This software can read, create, modify, and delete your personal data + across Notes, Calendar, Reminders, Mail, Contacts, Messages, Photos, + Music, Finder, and Safari. + + By running this server you grant an AI model the ability to interact + with your macOS applications. No automated safeguard is foolproof. + Start in readonly mode, enable only the apps you need, and never run + in full mode unattended. + + Provided as-is with no warranty. See LICENSE. + Installation: 1. Copy "mcp-applescript" to /usr/local/bin/ (or another directory in your PATH): sudo cp mcp-applescript /usr/local/bin/ From 440d2c06712916e6213d8fe995e11f2643f4be62 Mon Sep 17 00:00:00 2001 From: frouaix Date: Sat, 21 Feb 2026 19:50:25 -0800 Subject: [PATCH 2/2] Fix EPIPE race on executor stdin write Handle errors on child.stdin to prevent uncaught EPIPE when the executor process exits before reading all input. Fixes flaky CI failure in 'should parse an error response' test. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --- packages/mcp-server/src/exec/executor.ts | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/packages/mcp-server/src/exec/executor.ts b/packages/mcp-server/src/exec/executor.ts index 44e6f3b..00368ba 100644 --- a/packages/mcp-server/src/exec/executor.ts +++ b/packages/mcp-server/src/exec/executor.ts @@ -116,7 +116,9 @@ export async function runExecutor( }); }); - // Write request JSON to stdin and close + // Write request JSON to stdin and close. + // Ignore EPIPE — the child may exit before reading all input. + child.stdin.on("error", () => {}); const requestJson = JSON.stringify(request); child.stdin.write(requestJson); child.stdin.end();