Fix resource leak issues and add security warning for tokens

Co-authored-by: TheR1D <16740832+TheR1D@users.noreply.github.com>
2026-06-02 06:14:32 +02:00 · 2026-01-28 03:47:36 +00:00
parent bb8dcc3657
commit 22f87edded
2 changed files with 13 additions and 3 deletions
@@ -351,13 +351,16 @@ MCP_ENABLED=true
      "command": "npx",
      "args": ["-y", "@modelcontextprotocol/server-github"],
      "env": {
-        "GITHUB_PERSONAL_ACCESS_TOKEN": "your_github_token"
+        "GITHUB_PERSONAL_ACCESS_TOKEN": "${GITHUB_TOKEN}"
      }
    }
  }
 }
 ```

+**Security Note:** It's recommended to use environment variables for sensitive data like tokens instead of hardcoding them in the configuration file. The example above shows using `${GITHUB_TOKEN}` which should be set as an environment variable.
+
+
 Once configured, ShellGPT will automatically connect to the MCP servers and make their tools available to the LLM. The LLM can then use these tools just like regular functions:

 ```shell
@@ -136,15 +136,19 @@ class MCPClient:
        if not self.enabled or self._initialized:
            return

+        loop = None
        try:
            # Run async initialization in event loop
            loop = asyncio.new_event_loop()
            asyncio.set_event_loop(loop)
            loop.run_until_complete(self._initialize_async())
-            loop.close()
        except Exception:
            # If initialization fails, disable MCP
+            # Silently fail to avoid breaking existing functionality
            self.enabled = False
+        finally:
+            if loop:
+                loop.close()

    def get_tools_schemas(self) -> List[Dict[str, Any]]:
        """Get OpenAI-compatible function schemas for all MCP tools."""
@@ -211,16 +215,19 @@ class MCPClient:
        server_name, tool_name = parts

        # Run async call in event loop
+        loop = None
        try:
            loop = asyncio.new_event_loop()
            asyncio.set_event_loop(loop)
            result = loop.run_until_complete(
                self._call_tool_async(server_name, tool_name, arguments)
            )
-            loop.close()
            return result
        except Exception as e:
            return f"Error: {str(e)}"
+        finally:
+            if loop:
+                loop.close()

    def cleanup(self) -> None:
        """Clean up MCP client connections."""