nworks 1.2.0 → 1.2.2

package/dist/index.js

@@ -38,13 +38,14 @@ var ApiError = class extends Error {
 function hasServiceAccountCreds(creds) {
   return !!(creds.serviceAccount && creds.privateKeyPath && creds.botId);
 }
+var IS_UNIX = process.platform !== "win32";
 var CONFIG_DIR = join(homedir(), ".config", "nworks");
 var CREDENTIALS_PATH = join(CONFIG_DIR, "credentials.json");
 var TOKEN_PATH = join(CONFIG_DIR, "token.json");
 var USER_TOKEN_PATH = join(CONFIG_DIR, "user-token.json");
 async function ensureConfigDir() {
   if (!existsSync(CONFIG_DIR)) {
-    await mkdir(CONFIG_DIR, { recursive: true });
+    await mkdir(CONFIG_DIR, { recursive: true, ...IS_UNIX && { mode: 448 } });
   }
 }
 function getCredentialsFromEnv() {
@@ -84,7 +85,11 @@ async function saveCredentials(creds, profile = "default") {
     profiles = JSON.parse(raw);
   }
   profiles[profile] = creds;
-  await writeFile(CREDENTIALS_PATH, JSON.stringify(profiles, null, 2), "utf-8");
+  await writeFile(
+    CREDENTIALS_PATH,
+    JSON.stringify(profiles, null, 2),
+    { encoding: "utf-8", ...IS_UNIX && { mode: 384 } }
+  );
 }
 async function loadToken(profile = "default") {
   if (!existsSync(TOKEN_PATH)) return null;
@@ -105,7 +110,11 @@ async function saveToken(token, profile = "default") {
     tokens = JSON.parse(raw);
   }
   tokens[profile] = token;
-  await writeFile(TOKEN_PATH, JSON.stringify(tokens, null, 2), "utf-8");
+  await writeFile(
+    TOKEN_PATH,
+    JSON.stringify(tokens, null, 2),
+    { encoding: "utf-8", ...IS_UNIX && { mode: 384 } }
+  );
 }
 async function loadUserToken(profile = "default") {
   if (!existsSync(USER_TOKEN_PATH)) return null;
@@ -128,7 +137,11 @@ async function saveUserToken(token, profile = "default") {
     tokens = JSON.parse(raw);
   }
   tokens[profile] = token;
-  await writeFile(USER_TOKEN_PATH, JSON.stringify(tokens, null, 2), "utf-8");
+  await writeFile(
+    USER_TOKEN_PATH,
+    JSON.stringify(tokens, null, 2),
+    { encoding: "utf-8", ...IS_UNIX && { mode: 384 } }
+  );
 }
 async function clearCredentials(profile = "default") {
   if (existsSync(CREDENTIALS_PATH)) {
@@ -138,25 +151,33 @@ async function clearCredentials(profile = "default") {
     await writeFile(
       CREDENTIALS_PATH,
       JSON.stringify(profiles, null, 2),
-      "utf-8"
+      { encoding: "utf-8", ...IS_UNIX && { mode: 384 } }
     );
   }
   if (existsSync(TOKEN_PATH)) {
     const raw = await readFile(TOKEN_PATH, "utf-8");
     const tokens = JSON.parse(raw);
     delete tokens[profile];
-    await writeFile(TOKEN_PATH, JSON.stringify(tokens, null, 2), "utf-8");
+    await writeFile(
+      TOKEN_PATH,
+      JSON.stringify(tokens, null, 2),
+      { encoding: "utf-8", ...IS_UNIX && { mode: 384 } }
+    );
   }
   if (existsSync(USER_TOKEN_PATH)) {
     const raw = await readFile(USER_TOKEN_PATH, "utf-8");
     const tokens = JSON.parse(raw);
     delete tokens[profile];
-    await writeFile(USER_TOKEN_PATH, JSON.stringify(tokens, null, 2), "utf-8");
+    await writeFile(
+      USER_TOKEN_PATH,
+      JSON.stringify(tokens, null, 2),
+      { encoding: "utf-8", ...IS_UNIX && { mode: 384 } }
+    );
   }
 }
 
 // src/auth/jwt.ts
-import { readFile as readFile2 } from "fs/promises";
+import { readFile as readFile2, stat } from "fs/promises";
 import jwt from "jsonwebtoken";
 async function createJWT(creds) {
   if (!creds.serviceAccount || !creds.privateKeyPath) {
@@ -165,6 +186,15 @@ async function createJWT(creds) {
     );
   }
   const privateKey = await readFile2(creds.privateKeyPath, "utf-8");
+  if (process.platform !== "win32") {
+    const fileStat = await stat(creds.privateKeyPath);
+    const mode = fileStat.mode & 511;
+    if (mode & 63) {
+      console.error(
+        `[nworks] Warning: Private key file has permissions ${mode.toString(8)}. Recommended: 600`
+      );
+    }
+  }
   const now = Math.floor(Date.now() / 1e3);
   const payload = {
     iss: creds.clientId,
@@ -201,7 +231,8 @@ async function refreshToken(profile = "default") {
   });
   if (!res.ok) {
     const text = await res.text();
-    throw new AuthError(`Token exchange failed (${res.status}): ${text}`);
+    const truncated = text.length > 200 ? text.substring(0, 200) + "..." : text;
+    throw new AuthError(`Token exchange failed (${res.status}): ${truncated}`);
   }
   const data = await res.json();
   const expiresIn = Number(data.expires_in);
@@ -215,7 +246,8 @@ async function refreshToken(profile = "default") {
 
 // src/auth/oauth-user.ts
 import { createServer } from "http";
-import { URL } from "url";
+import { randomBytes } from "crypto";
+import { URL as URL2 } from "url";
 var AUTH_URL2 = "https://auth.worksmobile.com/oauth2/v2.0/authorize";
 var TOKEN_URL = "https://auth.worksmobile.com/oauth2/v2.0/token";
 var REDIRECT_PORT = 9876;
@@ -230,19 +262,19 @@ function buildAuthorizeUrl(clientId, scope, state) {
   });
   return `${AUTH_URL2}?${params.toString()}`;
 }
-async function startUserOAuthFlow(_scope, profile = "default") {
+async function startUserOAuthFlow(_scope, profile = "default", expectedState) {
   const creds = await loadCredentials(profile);
-  const code = await waitForAuthCode();
+  const code = await waitForAuthCode(expectedState ?? randomBytes(16).toString("hex"));
   return exchangeCodeForToken(code, creds.clientId, creds.clientSecret);
 }
-function waitForAuthCode() {
-  return new Promise((resolve, reject) => {
+function waitForAuthCode(expectedState) {
+  return new Promise((resolve2, reject) => {
     const timeout = setTimeout(() => {
       server.close();
       reject(new AuthError("OAuth login timed out (120s). Try again."));
     }, 12e4);
     const server = createServer((req, res) => {
-      const url = new URL(req.url ?? "/", `http://localhost:${REDIRECT_PORT}`);
+      const url = new URL2(req.url ?? "/", `http://localhost:${REDIRECT_PORT}`);
       if (url.pathname !== "/callback") {
         res.writeHead(404);
         res.end("Not found");
@@ -250,6 +282,15 @@ function waitForAuthCode() {
       }
       const code = url.searchParams.get("code");
       const error = url.searchParams.get("error");
+      const state = url.searchParams.get("state");
+      if (state !== expectedState) {
+        res.writeHead(403, { "Content-Type": "text/html; charset=utf-8" });
+        res.end("<h2>\uBCF4\uC548 \uC624\uB958</h2><p>state \uBD88\uC77C\uCE58. \uB2E4\uC2DC \uC2DC\uB3C4\uD558\uC138\uC694.</p>");
+        clearTimeout(timeout);
+        server.close();
+        reject(new AuthError("OAuth state mismatch \u2014 possible CSRF attack."));
+        return;
+      }
       if (error) {
         res.writeHead(200, { "Content-Type": "text/html; charset=utf-8" });
         res.end("<h2>\uB85C\uADF8\uC778 \uC2E4\uD328</h2><p>\uC774 \uCC3D\uC744 \uB2EB\uC544\uB3C4 \uB429\uB2C8\uB2E4.</p>");
@@ -270,9 +311,9 @@ function waitForAuthCode() {
       res.end("<h2>\uB85C\uADF8\uC778 \uC131\uACF5!</h2><p>\uC774 \uCC3D\uC744 \uB2EB\uACE0 \uD130\uBBF8\uB110\uB85C \uB3CC\uC544\uAC00\uC138\uC694.</p>");
       clearTimeout(timeout);
       server.close();
-      resolve(code);
+      resolve2(code);
     });
-    server.listen(REDIRECT_PORT, () => {
+    server.listen(REDIRECT_PORT, "127.0.0.1", () => {
     });
     server.on("error", (err) => {
       clearTimeout(timeout);
@@ -295,7 +336,8 @@ async function exchangeCodeForToken(code, clientId, clientSecret) {
   });
   if (!res.ok) {
     const text = await res.text();
-    throw new AuthError(`Token exchange failed (${res.status}): ${text}`);
+    const truncated = text.length > 200 ? text.substring(0, 200) + "..." : text;
+    throw new AuthError(`Token exchange failed (${res.status}): ${truncated}`);
   }
   const data = await res.json();
   return {
@@ -320,7 +362,8 @@ async function refreshUserToken(refreshToken2, profile = "default") {
   });
   if (!res.ok) {
     const text = await res.text();
-    throw new AuthError(`Token refresh failed (${res.status}): ${text}`);
+    const truncated = text.length > 200 ? text.substring(0, 200) + "..." : text;
+    throw new AuthError(`Token refresh failed (${res.status}): ${truncated}`);
   }
   const data = await res.json();
   return {
@@ -330,11 +373,28 @@ async function refreshUserToken(refreshToken2, profile = "default") {
     scope: data.scope
   };
 }
-function startOAuthCallbackServer(clientId, clientSecret) {
-  return waitForAuthCode().then(
+function startOAuthCallbackServer(clientId, clientSecret, expectedState) {
+  return waitForAuthCode(expectedState).then(
     (code) => exchangeCodeForToken(code, clientId, clientSecret)
   );
 }
+async function revokeToken(token, clientId, clientSecret) {
+  try {
+    const res = await fetch("https://auth.worksmobile.com/oauth2/v2.0/revoke", {
+      method: "POST",
+      headers: { "Content-Type": "application/x-www-form-urlencoded" },
+      body: new URLSearchParams({
+        token,
+        client_id: clientId,
+        client_secret: clientSecret
+      }).toString()
+    });
+    if (!res.ok && process.env["NWORKS_VERBOSE"] === "1") {
+      console.error(`[nworks] Token revoke returned ${res.status}`);
+    }
+  } catch {
+  }
+}
 
 // src/output/format.ts
 function output(data, opts = {}) {
@@ -409,7 +469,7 @@ function errorOutput(error, opts = {}) {
 }
 
 // src/commands/login.ts
-import { randomBytes } from "crypto";
+import { randomBytes as randomBytes2 } from "crypto";
 async function prompt(question) {
   const rl = createInterface({
     input: process.stdin,
@@ -460,7 +520,7 @@ async function handleUserLogin(scope, profile, opts) {
   } catch {
     await saveCredentials({ clientId, clientSecret }, profile);
   }
-  const state = randomBytes(16).toString("hex");
+  const state = randomBytes2(16).toString("hex");
   const authorizeUrl = buildAuthorizeUrl(clientId, scope, state);
   console.error(`
 Opening browser for NAVER WORKS login...`);
@@ -470,8 +530,12 @@ Opening browser for NAVER WORKS login...`);
 `);
   const { exec } = await import("child_process");
   const openCmd = process.platform === "darwin" ? "open" : process.platform === "win32" ? "start" : "xdg-open";
-  exec(`${openCmd} "${authorizeUrl}"`);
-  const tokenData = await startUserOAuthFlow(scope, profile);
+  if (process.platform === "win32") {
+    exec(`start "" "${authorizeUrl}"`);
+  } else {
+    exec(`${openCmd} "${authorizeUrl}"`);
+  }
+  const tokenData = await startUserOAuthFlow(scope, profile, state);
   await saveUserToken(tokenData, profile);
   output(
     {
@@ -569,7 +633,7 @@ var ERROR_HINTS_MCP = {
   FORBIDDEN: "\uAD8C\uD55C\uC774 \uBD80\uC871\uD569\uB2C8\uB2E4. Developer Console\uC5D0\uC11C OAuth Scope\uB97C \uD655\uC778\uD558\uC138\uC694.",
   ACCESS_DENIED: "\uC811\uADFC\uC774 \uAC70\uBD80\uB410\uC2B5\uB2C8\uB2E4. Admin\uC5D0\uC11C Bot\uC744 \uCD94\uAC00\uD588\uB294\uC9C0 \uD655\uC778\uD558\uC138\uC694.",
   SERVICE_ACCOUNT_NOT_ALLOWED: "\uC11C\uBE44\uC2A4 \uACC4\uC815\uC73C\uB85C\uB294 \uC774 API\uB97C \uC0AC\uC6A9\uD560 \uC218 \uC5C6\uC2B5\uB2C8\uB2E4. nworks_login_user tool\uB85C User OAuth \uB85C\uADF8\uC778\uC744 \uBA3C\uC800 \uD574\uC8FC\uC138\uC694.",
-  UNAUTHORIZED: "\uC778\uC99D\uC774 \uB9CC\uB8CC\uB410\uC2B5\uB2C8\uB2E4. nworks_setup tool\uB85C \uC7AC\uC124\uC815\uD558\uC138\uC694."
+  UNAUTHORIZED: "\uC778\uC99D\uC774 \uB9CC\uB8CC\uB410\uC2B5\uB2C8\uB2E4. nworks_login_user tool\uB85C \uB2E4\uC2DC \uBE0C\uB77C\uC6B0\uC800 \uB85C\uADF8\uC778\uD558\uC138\uC694. \uADF8\uB798\uB3C4 \uC548 \uB418\uBA74 nworks_setup tool\uB85C \uC7AC\uC124\uC815 \uD6C4 \uB2E4\uC2DC \uC2DC\uB3C4\uD558\uC138\uC694."
 };
 function cliErrorHint(err, area) {
   if (err instanceof ApiError) {
@@ -601,7 +665,7 @@ function mcpErrorHint(err, area) {
   if (err instanceof AuthError) {
     return `Error: ${err.message}
 
-[\uC548\uB0B4] \uC778\uC99D \uC815\uBCF4\uAC00 \uC5C6\uC2B5\uB2C8\uB2E4. nworks_setup tool\uB85C Client ID/Secret\uC744 \uBA3C\uC800 \uC124\uC815\uD574\uC8FC\uC138\uC694.`;
+[\uC548\uB0B4] \uC778\uC99D \uC815\uBCF4\uAC00 \uC5C6\uC2B5\uB2C8\uB2E4. nworks_setup tool\uC744 \uBA3C\uC800 \uD638\uCD9C\uD558\uC138\uC694 (Client ID \uD544\uC694, Client Secret\uC740 \uD658\uACBD\uBCC0\uC218 NWORKS_CLIENT_SECRET\uC5D0\uC11C \uC77D\uC74C). \uD658\uACBD\uBCC0\uC218\uAC00 \uC5C6\uC73C\uBA74 \uC0AC\uC6A9\uC790\uC5D0\uAC8C MCP \uC124\uC815 \uD30C\uC77C\uC758 env \uD544\uB4DC\uC5D0 NWORKS_CLIENT_SECRET \uCD94\uAC00\uB97C \uC548\uB0B4\uD558\uC138\uC694.`;
   }
   return `Error: ${err.message}`;
 }
@@ -648,6 +712,18 @@ function cliError(err, opts = {}, area) {
 var logoutCommand = new Command2("logout").description("Remove stored credentials and tokens").option("--profile <name>", "Profile name", "default").option("--json", "JSON output").action(async (opts) => {
   try {
     const profile = opts.profile;
+    try {
+      const creds = await loadCredentials(profile);
+      const token = await loadToken(profile);
+      const userToken = await loadUserToken(profile);
+      if (token?.accessToken) {
+        await revokeToken(token.accessToken, creds.clientId, creds.clientSecret);
+      }
+      if (userToken?.refreshToken) {
+        await revokeToken(userToken.refreshToken, creds.clientId, creds.clientSecret);
+      }
+    } catch {
+    }
     await clearCredentials(profile);
     output({ success: true, message: `Logged out (profile: ${profile})` }, opts);
   } catch (err) {
@@ -692,7 +768,7 @@ import { Command as Command4 } from "commander";
 var BASE_URL = "https://www.worksapis.com/v1.0";
 var MAX_RETRIES = 3;
 function sleep(ms) {
-  return new Promise((resolve) => setTimeout(resolve, ms));
+  return new Promise((resolve2) => setTimeout(resolve2, ms));
 }
 async function request(opts, _retryCount = 0) {
   const { method, path, body, profile = "default" } = opts;
@@ -714,7 +790,9 @@ async function request(opts, _retryCount = 0) {
     return request(opts, _retryCount + 1);
   }
   if (res.status === 429 && _retryCount < MAX_RETRIES) {
-    const retryAfter = parseInt(res.headers.get("Retry-After") ?? "5", 10);
+    const MAX_RETRY_AFTER = 60;
+    const rawRetry = parseInt(res.headers.get("Retry-After") ?? "5", 10);
+    const retryAfter = Math.min(Number.isNaN(rawRetry) ? 5 : rawRetry, MAX_RETRY_AFTER);
     await sleep(retryAfter * 1e3);
     return request(opts, _retryCount + 1);
   }
@@ -739,6 +817,58 @@ async function request(opts, _retryCount = 0) {
   return JSON.parse(text);
 }
 
+// src/utils/sanitize.ts
+import { basename, resolve, sep } from "path";
+import { randomBytes as randomBytes3 } from "crypto";
+function sanitizePathSegment(value) {
+  if (!value || typeof value !== "string") {
+    throw new Error("Path segment must be a non-empty string");
+  }
+  if (value === "me") return value;
+  if (/[/\\]/.test(value) || value.includes("..")) {
+    throw new Error(`Invalid path segment: "${value}"`);
+  }
+  return encodeURIComponent(value);
+}
+function sanitizeFileName(name) {
+  if (!name || typeof name !== "string") {
+    throw new Error("File name must be a non-empty string");
+  }
+  const base = basename(name);
+  return base.replace(/[\r\n"\\]/g, "_");
+}
+function validateLocalPath(filePath, allowedBase) {
+  const resolved = resolve(filePath);
+  if (allowedBase) {
+    const resolvedBase = resolve(allowedBase);
+    if (resolved !== resolvedBase && !resolved.startsWith(resolvedBase + sep)) {
+      throw new Error(`Path "${filePath}" escapes the allowed directory "${allowedBase}"`);
+    }
+  }
+  return resolved;
+}
+function validateRedirectUrl(location, allowedHosts) {
+  let parsed;
+  try {
+    parsed = new URL(location);
+  } catch {
+    throw new Error(`Invalid redirect URL: "${location}"`);
+  }
+  if (parsed.protocol !== "https:") {
+    throw new Error(`Redirect URL must use HTTPS: "${location}"`);
+  }
+  const isAllowed = allowedHosts.some(
+    (host) => parsed.hostname === host || parsed.hostname.endsWith("." + host)
+  );
+  if (!isAllowed) {
+    throw new Error(`Redirect to untrusted host: "${parsed.hostname}"`);
+  }
+  return location;
+}
+function generateSecureState() {
+  return randomBytes3(32).toString("hex");
+}
+
 // src/api/message.ts
 function buildContent(opts) {
   const type = opts.type ?? "text";
@@ -746,7 +876,11 @@ function buildContent(opts) {
     return { type: "text", text: opts.text };
   }
   if (type === "button") {
-    const actions = opts.actions ? JSON.parse(opts.actions) : [];
+    const actions = opts.actions ? (() => {
+      const parsed = JSON.parse(opts.actions);
+      if (!Array.isArray(parsed)) throw new Error("actions must be a JSON array");
+      return parsed;
+    })() : [];
     return {
       type: "button_template",
       contentText: opts.text,
@@ -754,7 +888,11 @@ function buildContent(opts) {
     };
   }
   if (type === "list") {
-    const elements = opts.elements ? JSON.parse(opts.elements) : [];
+    const elements = opts.elements ? (() => {
+      const parsed = JSON.parse(opts.elements);
+      if (!Array.isArray(parsed)) throw new Error("elements must be a JSON array");
+      return parsed;
+    })() : [];
     return {
       type: "list_template",
       coverData: { text: opts.text },
@@ -776,7 +914,7 @@ async function send(opts) {
   if (opts.to) {
     const result = await request({
       method: "POST",
-      path: `/bots/${creds.botId}/users/${opts.to}/messages`,
+      path: `/bots/${sanitizePathSegment(creds.botId)}/users/${sanitizePathSegment(opts.to)}/messages`,
       body,
       profile
     });
@@ -785,7 +923,7 @@ async function send(opts) {
   if (opts.channel) {
     const result = await request({
       method: "POST",
-      path: `/bots/${creds.botId}/channels/${opts.channel}/messages`,
+      path: `/bots/${sanitizePathSegment(creds.botId)}/channels/${sanitizePathSegment(opts.channel)}/messages`,
       body,
       profile
     });
@@ -802,7 +940,7 @@ async function listMembers(channelId, profile = "default") {
   }
   const result = await request({
     method: "GET",
-    path: `/bots/${creds.botId}/channels/${channelId}/members`,
+    path: `/bots/${sanitizePathSegment(creds.botId)}/channels/${sanitizePathSegment(channelId)}/members`,
     profile
   });
   return { members: result.members ?? [], responseMetaData: result.responseMetaData };
@@ -936,7 +1074,7 @@ function normalizeDateTime(dt) {
 async function listEvents(fromDateTime, untilDateTime, userId = "me", profile = "default") {
   const from = encodeURIComponent(fromDateTime);
   const until = encodeURIComponent(untilDateTime);
-  const url = `${BASE_URL2}/users/${userId}/calendar/events?fromDateTime=${from}&untilDateTime=${until}`;
+  const url = `${BASE_URL2}/users/${sanitizePathSegment(userId)}/calendar/events?fromDateTime=${from}&untilDateTime=${until}`;
   if (process.env["NWORKS_VERBOSE"] === "1") {
     console.error(`[nworks] GET ${url}`);
   }
@@ -973,10 +1111,10 @@ async function createEvent(opts) {
     eventComponents: [eventComponent],
     sendNotification: opts.sendNotification ?? false
   };
-  const url = `${BASE_URL2}/users/${userId}/calendar/events`;
+  const url = `${BASE_URL2}/users/${sanitizePathSegment(userId)}/calendar/events`;
   if (process.env["NWORKS_VERBOSE"] === "1") {
     console.error(`[nworks] POST ${url}`);
-    console.error(`[nworks] Body: ${JSON.stringify(body, null, 2)}`);
+    console.error(`[nworks] Body: ${JSON.stringify(body).length} bytes`);
   }
   const res = await authedFetch(
     url,
@@ -994,7 +1132,7 @@ async function createEvent(opts) {
   return await res.json();
 }
 async function getEvent(eventId, userId = "me", profile = "default") {
-  const url = `${BASE_URL2}/users/${userId}/calendar/events/${eventId}`;
+  const url = `${BASE_URL2}/users/${sanitizePathSegment(userId)}/calendar/events/${sanitizePathSegment(eventId)}`;
   if (process.env["NWORKS_VERBOSE"] === "1") {
     console.error(`[nworks] GET ${url}`);
   }
@@ -1037,10 +1175,10 @@ async function updateEvent(opts) {
     eventComponents: [eventComponent],
     sendNotification: opts.sendNotification ?? false
   };
-  const url = `${BASE_URL2}/users/${userId}/calendar/events/${opts.eventId}`;
+  const url = `${BASE_URL2}/users/${sanitizePathSegment(userId)}/calendar/events/${sanitizePathSegment(opts.eventId)}`;
   if (process.env["NWORKS_VERBOSE"] === "1") {
     console.error(`[nworks] PUT ${url}`);
-    console.error(`[nworks] Body: ${JSON.stringify(body, null, 2)}`);
+    console.error(`[nworks] Body: ${JSON.stringify(body).length} bytes`);
   }
   const res = await authedFetch(
     url,
@@ -1056,7 +1194,7 @@ async function updateEvent(opts) {
 async function deleteEvent(eventId, userId = "me", sendNotification = false, profile = "default") {
   const params = new URLSearchParams();
   params.set("sendNotification", String(sendNotification));
-  const url = `${BASE_URL2}/users/${userId}/calendar/events/${eventId}?${params.toString()}`;
+  const url = `${BASE_URL2}/users/${sanitizePathSegment(userId)}/calendar/events/${sanitizePathSegment(eventId)}?${params.toString()}`;
   if (process.env["NWORKS_VERBOSE"] === "1") {
     console.error(`[nworks] DELETE ${url}`);
   }
@@ -1182,9 +1320,15 @@ import { join as join2 } from "path";
 import { Command as Command7 } from "commander";
 
 // src/api/drive.ts
-import { readFile as readFile4, stat } from "fs/promises";
-import { basename } from "path";
+import { readFile as readFile4, stat as stat2 } from "fs/promises";
+import { basename as basename2 } from "path";
 var BASE_URL3 = "https://www.worksapis.com/v1.0";
+var MAX_UPLOAD_SIZE = 100 * 1024 * 1024;
+var ALLOWED_HOSTS = [
+  "storage.worksmobile.com",
+  "www.worksapis.com",
+  "worksapis.com"
+];
 async function authedFetch2(url, init, profile) {
   const token = await getValidUserToken(profile);
   const headers = new Headers(init.headers);
@@ -1206,8 +1350,8 @@ async function handleError2(res) {
   throw new ApiError(code, description, res.status);
 }
 async function listFiles(userId = "me", folderId, count = 20, cursor, profile = "default") {
-  const base = `${BASE_URL3}/users/${userId}/drive/files`;
-  const path = folderId ? `${base}/${folderId}/children` : base;
+  const base = `${BASE_URL3}/users/${sanitizePathSegment(userId)}/drive/files`;
+  const path = folderId ? `${base}/${sanitizePathSegment(folderId)}/children` : base;
   const params = new URLSearchParams();
   params.set("count", String(count));
   if (cursor) params.set("cursor", cursor);
@@ -1221,11 +1365,15 @@ async function listFiles(userId = "me", folderId, count = 20, cursor, profile =
   return { files: data.files ?? [], responseMetaData: data.responseMetaData };
 }
 async function uploadFile(localPath, userId = "me", folderId, overwrite = false, profile = "default") {
-  const fileName = basename(localPath);
-  const fileStat = await stat(localPath);
+  const fileName = basename2(localPath);
+  const safeName = sanitizeFileName(fileName);
+  const fileStat = await stat2(localPath);
   const fileSize = fileStat.size;
-  const base = `${BASE_URL3}/users/${userId}/drive/files`;
-  const createUrl = folderId ? `${base}/${folderId}` : base;
+  if (fileSize > MAX_UPLOAD_SIZE) {
+    throw new ApiError("FILE_TOO_LARGE", `File size (${fileSize} bytes) exceeds maximum allowed (${MAX_UPLOAD_SIZE} bytes)`, 413);
+  }
+  const base = `${BASE_URL3}/users/${sanitizePathSegment(userId)}/drive/files`;
+  const createUrl = folderId ? `${base}/${sanitizePathSegment(folderId)}` : base;
   if (process.env["NWORKS_VERBOSE"] === "1") {
     console.error(`[nworks] POST ${createUrl} (create upload URL)`);
   }
@@ -1240,11 +1388,12 @@ async function uploadFile(localPath, userId = "me", folderId, overwrite = false,
   );
   if (!createRes.ok) return handleError2(createRes);
   const { uploadUrl } = await createRes.json();
+  validateRedirectUrl(uploadUrl, ALLOWED_HOSTS);
   const fileBuffer = await readFile4(localPath);
   const boundary = `----nworks${Date.now()}`;
   const header = Buffer.from(
     `--${boundary}\r
-Content-Disposition: form-data; name="Filedata"; filename="${fileName}"\r
+Content-Disposition: form-data; name="Filedata"; filename="${safeName}"\r
 Content-Type: application/octet-stream\r
 \r
 `
@@ -1270,8 +1419,11 @@ Content-Type: application/octet-stream\r
 }
 async function uploadBuffer(fileBuffer, fileName, userId = "me", folderId, overwrite = false, profile = "default") {
   const fileSize = fileBuffer.length;
-  const base = `${BASE_URL3}/users/${userId}/drive/files`;
-  const createUrl = folderId ? `${base}/${folderId}` : base;
+  if (fileSize > MAX_UPLOAD_SIZE) {
+    throw new ApiError("FILE_TOO_LARGE", `File size (${fileSize} bytes) exceeds maximum allowed (${MAX_UPLOAD_SIZE} bytes)`, 413);
+  }
+  const base = `${BASE_URL3}/users/${sanitizePathSegment(userId)}/drive/files`;
+  const createUrl = folderId ? `${base}/${sanitizePathSegment(folderId)}` : base;
   if (process.env["NWORKS_VERBOSE"] === "1") {
     console.error(`[nworks] POST ${createUrl} (create upload URL for buffer)`);
   }
@@ -1286,10 +1438,11 @@ async function uploadBuffer(fileBuffer, fileName, userId = "me", folderId, overw
   );
   if (!createRes.ok) return handleError2(createRes);
   const { uploadUrl } = await createRes.json();
+  validateRedirectUrl(uploadUrl, ALLOWED_HOSTS);
   const boundary = `----nworks${Date.now()}`;
   const header = Buffer.from(
     `--${boundary}\r
-Content-Disposition: form-data; name="Filedata"; filename="${fileName}"\r
+Content-Disposition: form-data; name="Filedata"; filename="${sanitizeFileName(fileName)}"\r
 Content-Type: application/octet-stream\r
 \r
 `
@@ -1314,7 +1467,7 @@ Content-Type: application/octet-stream\r
   return await uploadRes.json();
 }
 async function downloadFile(fileId, userId = "me", profile = "default") {
-  const url = `${BASE_URL3}/users/${userId}/drive/files/${fileId}/download`;
+  const url = `${BASE_URL3}/users/${sanitizePathSegment(userId)}/drive/files/${sanitizePathSegment(fileId)}/download`;
   if (process.env["NWORKS_VERBOSE"] === "1") {
     console.error(`[nworks] GET ${url} (get download URL)`);
   }
@@ -1331,10 +1484,11 @@ async function downloadFile(fileId, userId = "me", profile = "default") {
     if (!redirectRes.ok) return handleError2(redirectRes);
     throw new ApiError("NO_REDIRECT", "No download URL returned", redirectRes.status);
   }
+  const safeLocation = validateRedirectUrl(location, ALLOWED_HOSTS);
   if (process.env["NWORKS_VERBOSE"] === "1") {
-    console.error(`[nworks] GET ${location} (download content)`);
+    console.error(`[nworks] GET ${safeLocation} (download content)`);
   }
-  const downloadRes = await authedFetch2(location, { method: "GET" }, profile);
+  const downloadRes = await fetch(safeLocation, { method: "GET" });
   if (!downloadRes.ok) return handleError2(downloadRes);
   const arrayBuffer = await downloadRes.arrayBuffer();
   const buffer = Buffer.from(arrayBuffer);
@@ -1471,7 +1625,7 @@ async function handleError3(res) {
 async function sendMail(opts) {
   const userId = opts.userId ?? "me";
   const profile = opts.profile ?? "default";
-  const url = `${BASE_URL4}/users/${userId}/mail`;
+  const url = `${BASE_URL4}/users/${sanitizePathSegment(userId)}/mail`;
   if (process.env["NWORKS_VERBOSE"] === "1") {
     console.error(`[nworks] POST ${url}`);
   }
@@ -1500,7 +1654,7 @@ async function listMails(folderId = 0, userId = "me", count = 30, cursor, isUnre
   params.set("count", String(count));
   if (cursor) params.set("cursor", cursor);
   if (isUnread) params.set("isUnread", "true");
-  const url = `${BASE_URL4}/users/${userId}/mail/mailfolders/${folderId}/children?${params.toString()}`;
+  const url = `${BASE_URL4}/users/${sanitizePathSegment(userId)}/mail/mailfolders/${sanitizePathSegment(String(folderId))}/children?${params.toString()}`;
   if (process.env["NWORKS_VERBOSE"] === "1") {
     console.error(`[nworks] GET ${url}`);
   }
@@ -1516,7 +1670,7 @@ async function listMails(folderId = 0, userId = "me", count = 30, cursor, isUnre
   };
 }
 async function readMail(mailId, userId = "me", profile = "default") {
-  const url = `${BASE_URL4}/users/${userId}/mail/${mailId}`;
+  const url = `${BASE_URL4}/users/${sanitizePathSegment(userId)}/mail/${sanitizePathSegment(String(mailId))}`;
   if (process.env["NWORKS_VERBOSE"] === "1") {
     console.error(`[nworks] GET ${url}`);
   }
@@ -1640,7 +1794,7 @@ async function handleError4(res) {
 }
 async function resolveUserId(userId, profile) {
   if (userId !== "me") return userId;
-  const url = `${BASE_URL5}/users/me`;
+  const url = `${BASE_URL5}/users/${sanitizePathSegment(userId)}`;
   const res = await authedFetch4(url, { method: "GET" }, profile);
   if (!res.ok) return handleError4(res);
   const data = await res.json();
@@ -1655,7 +1809,7 @@ async function listTasks(categoryId = "default", userId = "me", count = 50, curs
   params.set("count", String(count));
   params.set("status", status);
   if (cursor) params.set("cursor", cursor);
-  const url = `${BASE_URL5}/users/${userId}/tasks?${params.toString()}`;
+  const url = `${BASE_URL5}/users/${sanitizePathSegment(userId)}/tasks?${params.toString()}`;
   if (process.env["NWORKS_VERBOSE"] === "1") {
     console.error(`[nworks] GET ${url}`);
   }
@@ -1679,10 +1833,10 @@ async function createTask(opts) {
   };
   if (opts.dueDate) body.dueDate = opts.dueDate;
   if (opts.categoryId) body.categoryId = opts.categoryId;
-  const url = `${BASE_URL5}/users/${userId}/tasks`;
+  const url = `${BASE_URL5}/users/${sanitizePathSegment(userId)}/tasks`;
   if (process.env["NWORKS_VERBOSE"] === "1") {
     console.error(`[nworks] POST ${url}`);
-    console.error(`[nworks] Body: ${JSON.stringify(body, null, 2)}`);
+    console.error(`[nworks] Body: ${JSON.stringify(body).length} bytes`);
   }
   const res = await authedFetch4(
     url,
@@ -1705,7 +1859,7 @@ async function updateTask(opts) {
   if (opts.title !== void 0) body.title = opts.title;
   if (opts.content !== void 0) body.content = opts.content;
   if (opts.dueDate !== void 0) body.dueDate = opts.dueDate;
-  const url = `${BASE_URL5}/tasks/${opts.taskId}`;
+  const url = `${BASE_URL5}/tasks/${sanitizePathSegment(opts.taskId)}`;
   if (process.env["NWORKS_VERBOSE"] === "1") {
     console.error(`[nworks] PATCH ${url}`);
   }
@@ -1722,7 +1876,7 @@ async function updateTask(opts) {
   return await res.json();
 }
 async function completeTask(taskId, profile = "default") {
-  const url = `${BASE_URL5}/tasks/${taskId}/complete`;
+  const url = `${BASE_URL5}/tasks/${sanitizePathSegment(taskId)}/complete`;
   if (process.env["NWORKS_VERBOSE"] === "1") {
     console.error(`[nworks] POST ${url}`);
   }
@@ -1735,7 +1889,7 @@ async function completeTask(taskId, profile = "default") {
   if (!res.ok) return handleError4(res);
 }
 async function incompleteTask(taskId, profile = "default") {
-  const url = `${BASE_URL5}/tasks/${taskId}/incomplete`;
+  const url = `${BASE_URL5}/tasks/${sanitizePathSegment(taskId)}/incomplete`;
   if (process.env["NWORKS_VERBOSE"] === "1") {
     console.error(`[nworks] POST ${url}`);
   }
@@ -1748,7 +1902,7 @@ async function incompleteTask(taskId, profile = "default") {
   if (!res.ok) return handleError4(res);
 }
 async function deleteTask(taskId, profile = "default") {
-  const url = `${BASE_URL5}/tasks/${taskId}`;
+  const url = `${BASE_URL5}/tasks/${sanitizePathSegment(taskId)}`;
   if (process.env["NWORKS_VERBOSE"] === "1") {
     console.error(`[nworks] DELETE ${url}`);
   }
@@ -1920,7 +2074,7 @@ async function listBoards(count = 20, cursor, profile = "default") {
   if (!res.ok) return handleError5(res);
   const text = await res.text();
   if (process.env["NWORKS_VERBOSE"] === "1") {
-    console.error(`[nworks] Response: ${text}`);
+    console.error(`[nworks] Response: ${res.status} (${text.length} bytes)`);
   }
   const data = safeParseJson(text);
   return { boards: data.boards ?? [], responseMetaData: data.responseMetaData };
@@ -1929,7 +2083,7 @@ async function listPosts(boardId, count = 20, cursor, profile = "default") {
   const params = new URLSearchParams();
   params.set("count", String(count));
   if (cursor) params.set("cursor", cursor);
-  const url = `${BASE_URL6}/boards/${boardId}/posts?${params.toString()}`;
+  const url = `${BASE_URL6}/boards/${sanitizePathSegment(boardId)}/posts?${params.toString()}`;
   if (process.env["NWORKS_VERBOSE"] === "1") {
     console.error(`[nworks] GET ${url}`);
   }
@@ -1937,13 +2091,13 @@ async function listPosts(boardId, count = 20, cursor, profile = "default") {
   if (!res.ok) return handleError5(res);
   const text = await res.text();
   if (process.env["NWORKS_VERBOSE"] === "1") {
-    console.error(`[nworks] Response: ${text}`);
+    console.error(`[nworks] Response: ${res.status} (${text.length} bytes)`);
   }
   const data = safeParseJson(text);
   return { posts: data.posts ?? [], responseMetaData: data.responseMetaData };
 }
 async function readPost(boardId, postId, profile = "default") {
-  const url = `${BASE_URL6}/boards/${boardId}/posts/${postId}`;
+  const url = `${BASE_URL6}/boards/${sanitizePathSegment(boardId)}/posts/${sanitizePathSegment(postId)}`;
   if (process.env["NWORKS_VERBOSE"] === "1") {
     console.error(`[nworks] GET ${url}`);
   }
@@ -1951,7 +2105,7 @@ async function readPost(boardId, postId, profile = "default") {
   if (!res.ok) return handleError5(res);
   const text = await res.text();
   if (process.env["NWORKS_VERBOSE"] === "1") {
-    console.error(`[nworks] Response: ${text}`);
+    console.error(`[nworks] Response: ${res.status} (${text.length} bytes)`);
   }
   return safeParseJson(text);
 }
@@ -1963,10 +2117,10 @@ async function createPost(opts) {
   };
   if (opts.enableComment !== void 0) body.enableComment = opts.enableComment;
   if (opts.sendNotifications !== void 0) body.sendNotifications = opts.sendNotifications;
-  const url = `${BASE_URL6}/boards/${opts.boardId}/posts`;
+  const url = `${BASE_URL6}/boards/${sanitizePathSegment(opts.boardId)}/posts`;
   if (process.env["NWORKS_VERBOSE"] === "1") {
     console.error(`[nworks] POST ${url}`);
-    console.error(`[nworks] Body: ${JSON.stringify(body, null, 2)}`);
+    console.error(`[nworks] Body: ${JSON.stringify(body).length} bytes`);
   }
   const res = await authedFetch5(
     url,
@@ -1980,7 +2134,7 @@ async function createPost(opts) {
   if (res.status === 201 || res.ok) {
     const text = await res.text();
     if (process.env["NWORKS_VERBOSE"] === "1") {
-      console.error(`[nworks] Response: ${text}`);
+      console.error(`[nworks] Response: ${res.status} (${text.length} bytes)`);
     }
     return safeParseJson(text);
   }
@@ -2103,7 +2257,7 @@ async function runChecks(profile) {
     creds = await loadCredentials(profile);
     results.push({ check: "credentials", status: "OK", detail: `clientId: ${creds.clientId}` });
   } catch {
-    results.push({ check: "credentials", status: "FAIL", detail: "\uC778\uC99D \uC815\uBCF4 \uC5C6\uC74C. `nworks login` \uB610\uB294 nworks_setup \uD544\uC694" });
+    results.push({ check: "credentials", status: "FAIL", detail: "\uC778\uC99D \uC815\uBCF4 \uC5C6\uC74C. CLI: `nworks login --user` / MCP: nworks_setup tool \uC0AC\uC6A9 (\uD658\uACBD\uBCC0\uC218 NWORKS_CLIENT_SECRET \uD544\uC694)" });
     return results;
   }
   if (hasServiceAccountCreds(creds)) {
@@ -2205,7 +2359,26 @@ var doctorCommand = new Command11("doctor").description("Check nworks configurat
 function registerTools(server) {
   server.tool(
     "nworks_setup",
-    "NAVER WORKS API \uC778\uC99D \uC815\uBCF4\uB97C \uC124\uC815\uD569\uB2C8\uB2E4. \uBBFC\uAC10 \uC815\uBCF4(Client Secret, Private Key \uACBD\uB85C)\uB294 \uC774 tool\uC758 \uD30C\uB77C\uBBF8\uD130\uB85C \uBC1B\uC9C0 \uC54A\uC2B5\uB2C8\uB2E4 \u2014 \uC0AC\uC6A9\uC790\uAC00 MCP \uC124\uC815 \uD30C\uC77C(\uC608: claude_desktop_config.json)\uC758 env \uD544\uB4DC\uC5D0 NWORKS_CLIENT_SECRET(\uD544\uC218)\uACFC NWORKS_PRIVATE_KEY_PATH(Service Account \uC0AC\uC6A9 \uC2DC)\uB97C \uBBF8\uB9AC \uC124\uC815\uD574\uC57C \uD569\uB2C8\uB2E4. Developer Console: https://dev.worksmobile.com. \uD658\uACBD\uBCC0\uC218\uAC00 \uC124\uC815\uB418\uC9C0 \uC54A\uC740 \uACBD\uC6B0, \uC0AC\uC6A9\uC790\uC5D0\uAC8C \uC124\uC815 \uBC29\uBC95\uC744 \uC548\uB0B4\uD558\uC138\uC694. \uBA54\uC2DC\uC9C0/\uAD6C\uC131\uC6D0\uC870\uD68C\uB294 Service Account \uC778\uC99D(serviceAccount, botId + \uD658\uACBD\uBCC0\uC218 NWORKS_PRIVATE_KEY_PATH \uD544\uC694). \uCE98\uB9B0\uB354/\uBA54\uC77C/\uD560\uC77C/\uB4DC\uB77C\uC774\uBE0C/\uAC8C\uC2DC\uD310\uC740 User OAuth \uC778\uC99D(\uC124\uC815 \uD6C4 nworks_login_user\uB85C \uBE0C\uB77C\uC6B0\uC800 \uB85C\uADF8\uC778 \uD544\uC694). OAuth Redirect URI: http://localhost:9876/callback",
+    `NAVER WORKS API \uC778\uC99D \uC815\uBCF4\uB97C \uC124\uC815\uD569\uB2C8\uB2E4.
+
+\u25A0 \uC0AC\uC804 \uC900\uBE44 (\uC0AC\uC6A9\uC790\uAC00 \uC9C1\uC811 \uD574\uC57C \uD568):
+  1. https://dev.worksmobile.com \uC5D0\uC11C \uC571 \uC0DD\uC131 \uD6C4 Client ID\uC640 Client Secret\uC744 \uBC1C\uAE09\uBC1B\uC2B5\uB2C8\uB2E4.
+  2. MCP \uC124\uC815 \uD30C\uC77C(\uC608: claude_desktop_config.json)\uC758 nworks \uC11C\uBC84\uC5D0 env \uD544\uB4DC\uB97C \uCD94\uAC00\uD569\uB2C8\uB2E4:
+     { "env": { "NWORKS_CLIENT_SECRET": "<\uBC1C\uAE09\uBC1B\uC740 Client Secret>" } }
+  3. MCP \uD074\uB77C\uC774\uC5B8\uD2B8(\uC608: Claude Desktop)\uB97C \uC7AC\uC2DC\uC791\uD569\uB2C8\uB2E4.
+
+\u25A0 \uC774 tool\uC758 \uC5ED\uD560:
+  - clientId(\uD544\uC218)\uC640 serviceAccount, botId, domainId(\uC120\uD0DD)\uB97C \uD30C\uB77C\uBBF8\uD130\uB85C \uBC1B\uC544 \uC800\uC7A5\uD569\uB2C8\uB2E4.
+  - Client Secret\uC740 \uBCF4\uC548\uC744 \uC704\uD574 \uD30C\uB77C\uBBF8\uD130\uB85C \uBC1B\uC9C0 \uC54A\uC73C\uBA70, \uD658\uACBD\uBCC0\uC218 NWORKS_CLIENT_SECRET\uC5D0\uC11C \uC790\uB3D9\uC73C\uB85C \uC77D\uC2B5\uB2C8\uB2E4.
+  - Service Account \uC0AC\uC6A9 \uC2DC \uD658\uACBD\uBCC0\uC218 NWORKS_PRIVATE_KEY_PATH\uB3C4 \uD544\uC694\uD569\uB2C8\uB2E4.
+
+\u25A0 \uC124\uC815 \uD6C4 \uB2E4\uC74C \uB2E8\uACC4:
+  - \uCE98\uB9B0\uB354/\uBA54\uC77C/\uB4DC\uB77C\uC774\uBE0C/\uD560\uC77C/\uAC8C\uC2DC\uD310 \u2192 nworks_login_user tool\uB85C \uBE0C\uB77C\uC6B0\uC800 \uB85C\uADF8\uC778 \uD544\uC694
+  - \uBA54\uC2DC\uC9C0/\uAD6C\uC131\uC6D0\uC870\uD68C \u2192 Service Account \uC778\uC99D (serviceAccount + botId + NWORKS_PRIVATE_KEY_PATH)
+
+\u25A0 \uD658\uACBD\uBCC0\uC218 NWORKS_CLIENT_SECRET\uC774 \uC5C6\uC73C\uBA74 \uC774 tool\uC740 \uC2E4\uD328\uD569\uB2C8\uB2E4. \uC2E4\uD328 \uC2DC \uC0AC\uC6A9\uC790\uC5D0\uAC8C \uC704 \uC0AC\uC804 \uC900\uBE44 \uB2E8\uACC4\uB97C \uC548\uB0B4\uD558\uC138\uC694.
+
+OAuth Redirect URI: http://localhost:9876/callback`,
     {
       clientId: z.string().describe("Client ID (Developer Console\uC5D0\uC11C \uBC1C\uAE09)"),
       serviceAccount: z.string().optional().describe("Service Account ID (\uC608: xxxxx.serviceaccount@domain)"),
@@ -2220,19 +2393,14 @@ function registerTools(server) {
             content: [{ type: "text", text: JSON.stringify({
               error: true,
               message: "\uD658\uACBD\uBCC0\uC218 NWORKS_CLIENT_SECRET\uC774 \uC124\uC815\uB418\uC5B4 \uC788\uC9C0 \uC54A\uC2B5\uB2C8\uB2E4.",
-              solution: "\uC0AC\uC6A9\uC790\uC5D0\uAC8C \uB2E4\uC74C \uC548\uB0B4\uB97C \uC804\uB2EC\uD558\uC138\uC694: MCP \uC124\uC815 \uD30C\uC77C(\uC608: claude_desktop_config.json)\uC758 nworks \uC11C\uBC84 \uC124\uC815\uC5D0 env \uD544\uB4DC\uB97C \uCD94\uAC00\uD574\uC57C \uD569\uB2C8\uB2E4.",
-              example: {
-                mcpServers: {
-                  nworks: {
-                    command: "npx",
-                    args: ["-y", "nworks", "mcp"],
-                    env: {
-                      NWORKS_CLIENT_SECRET: "<Developer Console\uC5D0\uC11C \uBC1C\uAE09\uBC1B\uC740 Client Secret>"
-                    }
-                  }
-                }
-              },
-              developerConsole: "https://dev.worksmobile.com"
+              userAction: [
+                "1. https://dev.worksmobile.com \uC5D0\uC11C \uC571\uC758 Client Secret\uC744 \uD655\uC778\uD569\uB2C8\uB2E4.",
+                "2. MCP \uC124\uC815 \uD30C\uC77C(\uC608: claude_desktop_config.json)\uC744 \uC5F4\uACE0, nworks \uC11C\uBC84 \uC124\uC815\uC5D0 \uB2E4\uC74C\uC744 \uCD94\uAC00\uD569\uB2C8\uB2E4:",
+                '   "env": { "NWORKS_CLIENT_SECRET": "<Client Secret>" }',
+                "3. MCP \uD074\uB77C\uC774\uC5B8\uD2B8(\uC608: Claude Desktop)\uB97C \uC7AC\uC2DC\uC791\uD569\uB2C8\uB2E4.",
+                "4. \uC7AC\uC2DC\uC791 \uD6C4 \uB2E4\uC2DC \uC2DC\uB3C4\uD574\uC8FC\uC138\uC694."
+              ],
+              configExample: '{ "mcpServers": { "nworks": { "command": "npx", "args": ["-y", "nworks", "mcp"], "env": { "NWORKS_CLIENT_SECRET": "<Client Secret>" } } } }'
             }) }],
             isError: true
           };
@@ -2250,7 +2418,7 @@ function registerTools(server) {
         if (serviceAccount && resolvedPrivateKeyPath && botId) {
           nextSteps.push("Service Account \uC778\uC99D \uC900\uBE44 \uC644\uB8CC \u2014 \uBD07 \uBA54\uC2DC\uC9C0 \uB4F1 \uBC14\uB85C \uC0AC\uC6A9 \uAC00\uB2A5");
         } else if (serviceAccount && botId && !resolvedPrivateKeyPath) {
-          nextSteps.push("NWORKS_PRIVATE_KEY_PATH \uD658\uACBD\uBCC0\uC218\uAC00 \uC124\uC815\uB418\uC9C0 \uC54A\uC558\uC2B5\uB2C8\uB2E4. Service Account \uC778\uC99D\uC5D0\uB294 Private Key \uACBD\uB85C\uAC00 \uD544\uC694\uD569\uB2C8\uB2E4. \uC0AC\uC6A9\uC790\uC5D0\uAC8C MCP \uC124\uC815 \uD30C\uC77C(\uC608: claude_desktop_config.json)\uC758 env \uD544\uB4DC\uC5D0 NWORKS_PRIVATE_KEY_PATH\uB97C \uCD94\uAC00\uD558\uB3C4\uB85D \uC548\uB0B4\uD558\uC138\uC694. Private Key\uB294 Developer Console(https://dev.worksmobile.com)\uC5D0\uC11C \uB2E4\uC6B4\uB85C\uB4DC\uD560 \uC218 \uC788\uC2B5\uB2C8\uB2E4.");
+          nextSteps.push('NWORKS_PRIVATE_KEY_PATH \uD658\uACBD\uBCC0\uC218\uAC00 \uC124\uC815\uB418\uC9C0 \uC54A\uC558\uC2B5\uB2C8\uB2E4. Service Account \uC778\uC99D\uC5D0\uB294 Private Key \uD30C\uC77C \uACBD\uB85C\uAC00 \uD544\uC694\uD569\uB2C8\uB2E4. \uC0AC\uC6A9\uC790\uC5D0\uAC8C \uC548\uB0B4\uD558\uC138\uC694: (1) Developer Console(https://dev.worksmobile.com)\uC5D0\uC11C Private Key\uB97C \uB2E4\uC6B4\uB85C\uB4DC (2) MCP \uC124\uC815 \uD30C\uC77C\uC758 env\uC5D0 NWORKS_PRIVATE_KEY_PATH\uB97C \uCD94\uAC00 (\uC608: "NWORKS_PRIVATE_KEY_PATH": "C:/keys/private.key") (3) MCP \uD074\uB77C\uC774\uC5B8\uD2B8 \uC7AC\uC2DC\uC791');
         }
         nextSteps.push("User OAuth\uAC00 \uD544\uC694\uD55C API\uB294 nworks_login_user tool\uB85C \uBE0C\uB77C\uC6B0\uC800 \uB85C\uADF8\uC778\uC744 \uC9C4\uD589\uD558\uC138\uC694");
         const mask = (s) => s.length <= 4 ? "****" : `****${s.slice(-Math.min(4, Math.floor(s.length / 3)))}`;
@@ -2262,7 +2430,7 @@ function registerTools(server) {
                 success: true,
                 message: "\uC778\uC99D \uC815\uBCF4\uAC00 \uC800\uC7A5\uB418\uC5C8\uC2B5\uB2C8\uB2E4.",
                 nextSteps,
-                clientId,
+                clientId: mask(clientId),
                 clientSecret: `${mask(resolvedSecret)} (\uD658\uACBD\uBCC0\uC218)`,
                 serviceAccount: serviceAccount ?? null,
                 privateKeyPath: resolvedPrivateKeyPath ? `${mask(resolvedPrivateKeyPath)} (\uD658\uACBD\uBCC0\uC218)` : null,
@@ -2398,7 +2566,17 @@ function registerTools(server) {
       sendNotification: z.boolean().optional().describe("\uCC38\uC11D\uC790\uC5D0\uAC8C \uC54C\uB9BC \uBC1C\uC1A1 (\uAE30\uBCF8: false)"),
       userId: z.string().optional().describe("\uB300\uC0C1 \uC0AC\uC6A9\uC790 ID (\uBBF8\uC9C0\uC815 \uC2DC me)")
     },
-    async ({ summary, start, end, timeZone, description, location, attendees, sendNotification, userId }) => {
+    async ({
+      summary,
+      start,
+      end,
+      timeZone,
+      description,
+      location,
+      attendees,
+      sendNotification,
+      userId
+    }) => {
       try {
         const result = await createEvent({
           summary,
@@ -2437,7 +2615,17 @@ function registerTools(server) {
       sendNotification: z.boolean().optional().describe("\uCC38\uC11D\uC790\uC5D0\uAC8C \uC54C\uB9BC \uBC1C\uC1A1 (\uAE30\uBCF8: false)"),
       userId: z.string().optional().describe("\uB300\uC0C1 \uC0AC\uC6A9\uC790 ID (\uBBF8\uC9C0\uC815 \uC2DC me)")
     },
-    async ({ eventId, summary, start, end, timeZone, description, location, sendNotification, userId }) => {
+    async ({
+      eventId,
+      summary,
+      start,
+      end,
+      timeZone,
+      description,
+      location,
+      sendNotification,
+      userId
+    }) => {
       try {
         await updateEvent({
           eventId,
@@ -2550,11 +2738,12 @@ function registerTools(server) {
             overwrite ?? false
           );
         } else if (filePath) {
+          const safePath = validateLocalPath(filePath);
           if (process.env["NWORKS_VERBOSE"] === "1") {
-            console.error(`[nworks] MCP upload: filePath=${filePath}`);
+            console.error(`[nworks] MCP upload: filePath=${safePath}`);
           }
           result = await uploadFile(
-            filePath,
+            safePath,
             userId ?? "me",
             folderId,
             overwrite ?? false
@@ -2569,10 +2758,11 @@ function registerTools(server) {
           content: [{ type: "text", text: JSON.stringify({ success: true, ...result }) }]
         };
       } catch (err) {
-        const error = err;
-        const detail = process.env["NWORKS_VERBOSE"] === "1" ? ` | stack: ${error.stack}` : "";
+        if (process.env["NWORKS_VERBOSE"] === "1") {
+          console.error(`[nworks] drive upload error: ${err.stack}`);
+        }
         return {
-          content: [{ type: "text", text: `${mcpErrorHint(err, "drive.upload")}${detail}` }],
+          content: [{ type: "text", text: mcpErrorHint(err, "drive.upload") }],
           isError: true
         };
       }
@@ -2597,7 +2787,10 @@ function registerTools(server) {
         if (outputDir) {
           const { writeFile: writeFile3 } = await import("fs/promises");
           const { join: join3 } = await import("path");
-          const outPath = join3(outputDir, fileName);
+          const safeDir = validateLocalPath(outputDir);
+          const safeName = sanitizeFileName(fileName);
+          const outPath = join3(safeDir, safeName);
+          validateLocalPath(outPath, safeDir);
           await writeFile3(outPath, result.buffer);
           return {
             content: [{ type: "text", text: JSON.stringify({ success: true, fileName, path: outPath, size: result.buffer.length }) }]
@@ -3018,9 +3211,9 @@ function registerTools(server) {
         const existingScopes = existingToken?.scope?.split(" ").filter(Boolean) ?? [];
         const requestedScopes = expandScopes((scope ?? DEFAULT_SCOPE).split(" ").filter(Boolean));
         const mergedScopes = [.../* @__PURE__ */ new Set([...existingScopes, ...requestedScopes])].join(" ");
-        const state = Math.random().toString(36).substring(2);
+        const state = generateSecureState();
         const authorizeUrl = buildAuthorizeUrl(creds.clientId, mergedScopes, state);
-        startOAuthCallbackServer(creds.clientId, creds.clientSecret).then(
+        startOAuthCallbackServer(creds.clientId, creds.clientSecret, state).then(
           (token) => saveUserToken({
             accessToken: token.accessToken,
             refreshToken: token.refreshToken,
@@ -3065,9 +3258,10 @@ function registerTools(server) {
         const userToken = await loadUserToken();
         const isValid = token ? token.expiresAt > Date.now() / 1e3 : false;
         const userTokenValid = userToken ? userToken.expiresAt > Date.now() / 1e3 : false;
+        const mask = (s) => s.length <= 4 ? "****" : `****${s.slice(-4)}`;
         const info = {
           serviceAccount: creds.serviceAccount ?? null,
-          clientId: creds.clientId,
+          clientId: mask(creds.clientId),
           botId: creds.botId ?? null,
           tokenValid: isValid,
           userOAuth: userToken ? { valid: userTokenValid, scope: userToken.scope } : null
@@ -3089,6 +3283,18 @@ function registerTools(server) {
     {},
     async () => {
       try {
+        try {
+          const creds = await loadCredentials();
+          const token = await loadToken();
+          const userToken = await loadUserToken();
+          if (token?.accessToken) {
+            await revokeToken(token.accessToken, creds.clientId, creds.clientSecret);
+          }
+          if (userToken?.refreshToken) {
+            await revokeToken(userToken.refreshToken, creds.clientId, creds.clientSecret);
+          }
+        } catch {
+        }
         await clearCredentials();
         return {
           content: [
@@ -3096,7 +3302,7 @@ function registerTools(server) {
               type: "text",
               text: JSON.stringify({
                 success: true,
-                message: "\uC778\uC99D \uC815\uBCF4\uC640 \uD1A0\uD070\uC774 \uBAA8\uB450 \uC0AD\uC81C\uB418\uC5C8\uC2B5\uB2C8\uB2E4. \uB2E4\uC2DC \uC0AC\uC6A9\uD558\uB824\uBA74 nworks_setup tool\uB85C \uC7AC\uC124\uC815\uD558\uC138\uC694."
+                message: "\uC778\uC99D \uC815\uBCF4\uC640 \uD1A0\uD070\uC774 \uBAA8\uB450 \uC0AD\uC81C\uB418\uC5C8\uC2B5\uB2C8\uB2E4. \uB2E4\uC2DC \uC0AC\uC6A9\uD558\uB824\uBA74 nworks_setup tool\uB85C \uC7AC\uC124\uC815 \uD6C4 nworks_login_user\uB85C \uBE0C\uB77C\uC6B0\uC800 \uB85C\uADF8\uC778\uD558\uC138\uC694."
               })
             }
           ]
@@ -3116,8 +3322,21 @@ function registerTools(server) {
     async () => {
       try {
         const results = await runChecks("default");
+        const maskedResults = results.map((r) => {
+          if (r.check === "credentials" && r.status === "OK") {
+            return { ...r, detail: r.detail.replace(/clientId: .+/, "clientId: ****") };
+          }
+          if (r.check === "privateKey" && r.status === "OK") {
+            return { ...r, detail: "OK (path hidden)" };
+          }
+          if (r.check === "serviceAccount" && r.status === "OK") {
+            const masked = r.detail.length <= 4 ? "****" : `****${r.detail.slice(-4)}`;
+            return { ...r, detail: masked };
+          }
+          return r;
+        });
         return {
-          content: [{ type: "text", text: JSON.stringify(results) }]
+          content: [{ type: "text", text: JSON.stringify(maskedResults) }]
         };
       } catch (err) {
         return {