feat: add validation to prevent usage of 'stdio' in MCP servers

Author: liuruibin

apps/application/flow/step_node/ai_chat_step_node/impl/base_chat_node.py

@@ -222,7 +222,7 @@ def execute(self, model_id, system, prompt, dialogue_number, history_chat_record
         message_list = self.generate_message_list(system, prompt, history_message)
         self.context['message_list'] = message_list
 
-        if mcp_enable and mcp_servers is not None:
+        if mcp_enable and mcp_servers is not None and '"stdio"' not in mcp_servers:
             r = mcp_response_generator(chat_model, message_list, mcp_servers)
             return NodeResult(
                 {'result': r, 'chat_model': chat_model, 'message_list': message_list,

apps/application/serializers/application.py

@@ -630,6 +630,8 @@ def get_mcp_servers(self, instance, with_valid=True):
         if with_valid:
             self.is_valid(raise_exception=True)
             McpServersSerializer(data=instance).is_valid(raise_exception=True)
+            if '"stdio"' in instance.get('mcp_servers'):
+                raise AppApiException(500, _('stdio is not supported'))
         servers = json.loads(instance.get('mcp_servers'))
         tools = []
         for server in servers: