@wonderwhy-er/desktop-commander 0.2.39 → 0.2.41

package/README.md

@@ -335,9 +335,11 @@ Desktop Commander works with any MCP-compatible client. The standard JSON config
 Add this to your client's MCP configuration file at the locations below:
 
 <details>
-<summary><b>Cursor</b></summary>
+<summary><b>Cursor</b></summary><br>
 
-[Install MCP Server in Cursor](https://cursor.directory/mcp/desktop-commander-mcp)
+[![Install MCP Server](https://cursor.com/deeplink/mcp-install-dark.svg)](https://cursor.com/en-US/install-mcp?name=desktop-commander&config=eyJjb21tYW5kIjoibnB4IiwiYXJncyI6WyIteSIsIkB3b25kZXJ3aHktZXIvZGVza3RvcC1jb21tYW5kZXJAbGF0ZXN0Il19)
+
+[View MCP Server in Directory](https://cursor.directory/mcp/desktop-commander-mcp)
 
 Or add manually to `~/.cursor/mcp.json` (global) or `.cursor/mcp.json` in your project folder (project-specific).
 

package/dist/handlers/filesystem-handlers.js

@@ -99,6 +99,10 @@ export async function handleReadFile(args) {
                     fileName: path.basename(resolvedFilePath),
                     filePath: resolvedFilePath,
                     fileType: 'unsupported',
+                    content: pdfContent
+                        .filter((item) => item.type === "text")
+                        .map((item) => item.text)
+                        .join("\n"),
                 },
             };
         }
@@ -121,6 +125,7 @@ export async function handleReadFile(args) {
                     fileName: path.basename(resolvedFilePath),
                     filePath: resolvedFilePath,
                     fileType: 'image',
+                    content: imageData,
                     imageData,
                     mimeType: fileResult.mimeType
                 }
@@ -140,6 +145,7 @@ export async function handleReadFile(args) {
                     fileName: path.basename(resolvedFilePath),
                     filePath: resolvedFilePath,
                     fileType,
+                    content: textContent,
                 },
             };
         }

package/dist/server.js

@@ -445,6 +445,7 @@ server.setRequestHandler(ListToolsRequestSchema, async () => {
                         [FILE] src/tools/filesystem.ts
                         
                         If a directory cannot be accessed, it will show [DENIED] instead.
+                        If a path does not exist, it will show [NOT_FOUND] instead.
                         Only works within allowed directories.
                         
                         ${PATH_GUIDANCE}
@@ -1092,7 +1093,7 @@ server.setRequestHandler(CallToolRequestSchema, async (request) => {
     const startTime = Date.now();
     try {
         // Prepare telemetry data - add config key for set_config_value
-        const telemetryData = { name };
+        const telemetryData = { tool_name: name };
         // Extract metadata from _meta field if present
         const metadata = request.params._meta;
         if (metadata && typeof metadata === 'object') {

package/dist/tools/filesystem.js

@@ -220,6 +220,38 @@ export async function validatePath(requestedPath) {
                 });
                 throw new Error(`Failed to resolve symlink for path: ${absoluteOriginal}. Error: ${err.message}`);
             }
+            // SECURITY FIX: When the full path doesn't exist (e.g., writing a new file),
+            // resolve the parent directory to detect symlinks in the path chain.
+            // Without this, an attacker could create a symlink inside an allowed directory
+            // pointing to a restricted location, then write to a non-existent file through
+            // that symlink — bypassing the directory restriction check.
+            try {
+                const parentDir = path.dirname(absoluteOriginal);
+                const resolvedParent = await fs.realpath(parentDir, { encoding: 'utf8' });
+                const basename = path.basename(absoluteOriginal);
+                resolvedRealPath = path.join(resolvedParent, basename);
+            }
+            catch {
+                // Parent also doesn't exist — walk up the tree to find
+                // the deepest existing ancestor and resolve it
+                let current = absoluteOriginal;
+                let remaining = [];
+                while (true) {
+                    const parent = path.dirname(current);
+                    if (parent === current)
+                        break; // reached filesystem root
+                    remaining.unshift(path.basename(current));
+                    current = parent;
+                    try {
+                        const resolvedAncestor = await fs.realpath(current, { encoding: 'utf8' });
+                        resolvedRealPath = path.join(resolvedAncestor, ...remaining);
+                        break;
+                    }
+                    catch {
+                        // keep walking up
+                    }
+                }
+            }
         }
         const pathForNextCheck = resolvedRealPath ?? absoluteOriginal;
         // Check if path is allowed
@@ -230,25 +262,25 @@ export async function validatePath(requestedPath) {
             });
             throw new Error(`Path not allowed: ${requestedPath}. Must be within one of these directories: ${(await getAllowedDirs()).join(', ')}`);
         }
+        // SECURITY: Always return the resolved path (with symlinks resolved) so that
+        // all subsequent file operations (read, write, mkdir, etc.) operate on the
+        // canonical target, not on a symlink that could point outside allowed directories.
+        // pathForNextCheck already holds resolvedRealPath ?? absoluteOriginal from above.
         // Check if path exists
         try {
             // fs.stat() will automatically follow symlinks, so we get existence info
-            const stats = await fs.stat(absoluteOriginal);
-            // If path exists, resolve any symlinks
-            if (resolvedRealPath) {
-                return resolvedRealPath;
-            }
-            return absoluteOriginal;
+            await fs.stat(pathForNextCheck);
+            return pathForNextCheck;
         }
         catch (error) {
             // Path doesn't exist - validate parent directories
-            if (await validateParentDirectories(absoluteOriginal)) {
-                // Return the path if a valid parent exists
+            if (await validateParentDirectories(pathForNextCheck)) {
+                // Return the resolved path if a valid parent exists
                 // This will be used for folder creation and many other file operations
-                return absoluteOriginal;
+                return pathForNextCheck;
             }
-            // If no valid parent found, return the absolute path anyway
-            return absoluteOriginal;
+            // If no valid parent found, return the resolved path anyway
+            return pathForNextCheck;
         }
     };
     // Execute with timeout
@@ -573,9 +605,11 @@ export async function listDirectory(dirPath, depth = 2) {
         catch (error) {
             const err = error;
             const displayPath = relativePath || path.basename(currentPath);
-            // Keep [DENIED] prefix so UI parser regex still matches.
-            // Append a hint for permission/timeout errors so user gets context.
-            if (err.code === 'EPERM' || err.code === 'EACCES' || err.code === 'ETIMEDOUT') {
+            // Distinguish "not found" from "permission denied" so AI and UI get accurate info.
+            if (err.code === 'ENOENT') {
+                results.push(`[NOT_FOUND] ${displayPath} — path does not exist`);
+            }
+            else if (err.code === 'EPERM' || err.code === 'EACCES' || err.code === 'ETIMEDOUT') {
                 results.push(`[DENIED] ${displayPath} — not accessible (permission denied, cloud-only file, or Full Disk Access not granted)`);
             }
             else {

package/dist/types.d.ts

@@ -65,6 +65,7 @@ export interface FilePreviewStructuredContent {
     fileName: string;
     filePath: string;
     fileType: PreviewFileType;
+    content?: string;
     imageData?: string;
     mimeType?: string;
 }