mcp-ssh-tool has file transfer path policy bypass and bearer token comparison hardening
mcp-ssh-tool has released version 2.1.1 with security hardening for transfer path authorization and HTTP bearer authentication. The release addresses: insufficient local path policy enforcement in transfer-related filesystem handling incomplete canonicalization and segment-boundary handling for deny-prefix path policy checks non-constant-time HTTP bearer token comparison