hyperb1iss/droidmind

Released: 2026-01-06

This release adds the droidmind-client CLI for server introspection, introduces shared intent functionality, significantly strengthens shell command security validation, and upgrades the MCP SDK to version 1.25.0.

🌟 Highlights

✨ DroidMind Client CLI

New droidmind-client command-line tool for introspecting running DroidMind servers. The list-tools subcommand queries available MCP tools from an SSE server and outputs JSON, supporting sse://, sses://, http://, and https:// URL schemes. Useful for verifying server connectivity and discovering tool capabilities.

🔒️ Hardened Shell Command Security

Complete refactor of assess_command_risk() and validate_shell_command() in droidmind/security.py to properly parse chained commands (&&, ;, ||, |). Previously, chained segments were not validated individually, allowing dangerous commands like echo ok && rm -rf / to pass. Now each segment is validated, and rm is added to the disallowed commands list. Added restricted support for uiautomator dump with path validation.

🚀 Intent Support Across Tools

New shared start_intent() helper in droidmind/tools/intents.py enables starting activities with extras from both android-app and android-ui tools. The android-app tool gains a START_INTENT action with support for intent extras, while android-ui now delegates to the shared implementation for consistent behavior.

⬆️ MCP SDK Upgrade to 1.25.0

Upgraded mcp[cli] from 1.8.1 to 1.25.0, bringing compatibility improvements and new features. Python is now constrained to >=3.13,<3.14 due to transitive dependency requirements (PyO3/pydantic-core). The FastMCP initialization now uses the instructions parameter, and stdio_server import moved to module level.

🔧 App Management Improvements

• Enhanced list_packages — New parameters include_app_name (human-friendly labels via dumpsys), include_apk_path toggle, and max_packages limit with pagination notes for large package lists
• START_INTENT action — Start activities with explicit package, activity, and optional extras dictionary via android-app tool
• Shared device helper — New droidmind/tools/common.py with get_connected_device() for consistent device connection handling across tools

🔒️ Security Enhancements

• Chained command validation — validate_shell_command() now parses &&, ;, ||, and | operators and validates each segment independently
• rm blocked — Added rm to DISALLOWED_SHELL_COMMANDS to prevent accidental or malicious file deletion
• uiautomator restrictions — Only uiautomator dump is allowed, with output paths restricted to /sdcard/ or /data/local/tmp/ and no path traversal (..)
• New security tests — Added tests/test_security.py covering chained command detection, uiautomator restrictions, and risk assessment edge cases