fix(mcp): address Copilot review — security, extension alignment, fallback order

- Validate browse_directory paths via resolvePath() to enforce allowed-directory
  security (prevents arbitrary filesystem enumeration)
- Align TABULAR_EXTS with FilesystemResourceProvider (.pqt→.pq, +.xlsm/.xlsb/.ods)
- Reorder set_working_dir fallback: App → native picker → elicitation → text
- Gate _meta.ui.resourceUri on config.enableMcpApps so clients don't see App
  hints when the feature is disabled
- Fix incorrect comment about path.join() always returning POSIX paths

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Author: jqnatividad

.claude/skills/src/browse-directory.ts

@@ -10,8 +10,9 @@ import { readdir, stat as fsStat } from "node:fs/promises";
 
 /** Tabular file extensions recognised by the directory scanner. */
 export const TABULAR_EXTS = new Set([
-  ".csv", ".tsv", ".tab", ".ssv", ".parquet", ".pqt",
+  ".csv", ".tsv", ".tab", ".ssv", ".parquet", ".pq",
   ".jsonl", ".ndjson", ".json", ".xlsx", ".xls",
+  ".xlsm", ".xlsb", ".ods",
 ]);
 
 export interface SubdirectoryInfo {

.claude/skills/src/mcp-server.ts

@@ -712,19 +712,19 @@ class QsvMcpServer {
               } as { content: Array<{ type: "text"; text: string }> };
             }
 
-            // 2. Try interactive elicitation form
-            const elicitResult = await this.elicitWorkingDirectory();
-            if (elicitResult.directory) {
-              const newDir = this.updateWorkingDirectory(elicitResult.directory);
+            // 2. Try native OS folder picker (macOS Finder dialog)
+            const nativePick = await this.showNativeFolderPicker();
+            if (nativePick) {
+              const newDir = this.updateWorkingDirectory(nativePick);
               this.manuallySetWorkingDir = true;
               this.workingDirConfirmed = true;
               return successResult(`Working directory set to: ${newDir}\n\nAll relative file paths will now be resolved from this directory. Pass "auto" to re-enable automatic root-based sync.`);
             }
 
-            // 3. Try native OS folder picker (macOS Finder dialog)
-            const nativePick = await this.showNativeFolderPicker();
-            if (nativePick) {
-              const newDir = this.updateWorkingDirectory(nativePick);
+            // 3. Try interactive elicitation form
+            const elicitResult = await this.elicitWorkingDirectory();
+            if (elicitResult.directory) {
+              const newDir = this.updateWorkingDirectory(elicitResult.directory);
               this.manuallySetWorkingDir = true;
               this.workingDirConfirmed = true;
               return successResult(`Working directory set to: ${newDir}\n\nAll relative file paths will now be resolved from this directory. Pass "auto" to re-enable automatic root-based sync.`);
@@ -950,12 +950,14 @@ class QsvMcpServer {
   private async handleBrowseDirectory(
     args: Record<string, unknown>,
   ): Promise<{ content: Array<{ type: "text"; text: string }>; isError?: boolean }> {
-    const targetDir =
+    const rawDir =
       typeof args.directory === "string" && args.directory.trim().length > 0
         ? args.directory.trim()
         : this.filesystemProvider.getWorkingDirectory();
 
     try {
+      // Validate the directory is within allowed directories before scanning
+      const targetDir = await this.filesystemProvider.resolvePath(rawDir);
       const result = await scanDirectory(targetDir);
       return successResult(JSON.stringify(result));
     } catch (err) {

.claude/skills/src/mcp-tools.ts

@@ -3207,12 +3207,16 @@ Call without arguments to show an interactive directory picker (when supported b
       },
       required: [],
     },
-    _meta: {
-      "ui/resourceUri": "ui://qsv/directory-picker",
-      ui: {
-        resourceUri: "ui://qsv/directory-picker",
-      },
-    },
+    ...(config.enableMcpApps
+      ? {
+          _meta: {
+            "ui/resourceUri": "ui://qsv/directory-picker",
+            ui: {
+              resourceUri: "ui://qsv/directory-picker",
+            },
+          },
+        }
+      : {}),
   };
 }
 

.claude/skills/src/ui/directory-picker-html.ts

@@ -356,7 +356,7 @@ function updateSelectedState(path) {
 
 function renderBreadcrumbs(path) {
   breadcrumbsEl.innerHTML = "";
-  // Server uses Node.js path.join() which always returns POSIX paths
+  // Server returns POSIX-style paths (forward slashes) on macOS/Linux
   const parts = path.split("/").filter(Boolean);
 
   // Root

.claude/skills/tests/mcp-app.test.ts

@@ -15,14 +15,19 @@ import { join } from "node:path";
 import { createTestDir, cleanupTestDir } from "./test-helpers.js";
 
 describe("MCP App tool definitions", () => {
-  test("qsv_set_working_dir has _meta.ui.resourceUri", async () => {
+  test("qsv_set_working_dir _meta.ui.resourceUri depends on enableMcpApps config", async () => {
     const { createSetWorkingDirTool } = await import("../src/mcp-tools.js");
+    const { config } = await import("../src/config.js");
     const tool = createSetWorkingDirTool();
 
-    assert.ok(tool._meta, "tool should have _meta");
-    const ui = tool._meta!.ui as Record<string, unknown>;
-    assert.ok(ui, "tool._meta should have ui");
-    assert.strictEqual(ui.resourceUri, "ui://qsv/directory-picker");
+    if (config.enableMcpApps) {
+      assert.ok(tool._meta, "tool should have _meta when apps enabled");
+      const ui = tool._meta!.ui as Record<string, unknown>;
+      assert.ok(ui, "tool._meta should have ui");
+      assert.strictEqual(ui.resourceUri, "ui://qsv/directory-picker");
+    } else {
+      assert.strictEqual(tool._meta, undefined, "tool should not have _meta when apps disabled");
+    }
   });
 
   test("qsv_browse_directory has _meta.ui.visibility: ['app']", async () => {
@@ -239,7 +244,7 @@ describe("scanDirectory (extracted from qsv_browse_directory handler)", () => {
 
   test("TABULAR_EXTS covers expected extensions", async () => {
     const { TABULAR_EXTS } = await import("../src/browse-directory.js");
-    for (const ext of [".csv", ".tsv", ".tab", ".ssv", ".parquet", ".pqt", ".jsonl", ".ndjson", ".json", ".xlsx", ".xls"]) {
+    for (const ext of [".csv", ".tsv", ".tab", ".ssv", ".parquet", ".pq", ".jsonl", ".ndjson", ".json", ".xlsx", ".xls", ".xlsm", ".xlsb", ".ods"]) {
       assert.ok(TABULAR_EXTS.has(ext), `should include ${ext}`);
     }
     assert.ok(!TABULAR_EXTS.has(".txt"), "should not include .txt");