security: v1.7.7 hardening release

- Add WEBHOOK_CLIENT_SECRET validation for Graph webhooks
- Add Redis-backed rate limiting (fetch/ask/write/default tiers)
- Validate LLM_BASE_URL to prevent SSRF (HTTPS only, block private IPs)
- Enforce non-wildcard CORS when AUTH_ENABLED=true
- Add Content-Security-Policy headers
- Fix audit middleware to use verified JWT claims via contextvars
- Cap bulk_tags updates to 10,000 documents
- Return generic error messages to clients (no internal detail leakage)
- Strict AlertCondition Pydantic model for alert rules
- Security warning on MCP stdio server startup
- Remove MongoDB/Redis host ports from docker-compose
- Remove mongo_query from /ask API response

backend/mcp_server.py

@@ -41,6 +41,15 @@ from mcp_common import (
     handle_search_events,
 )
 
+# Security warning: this standalone stdio server has no authentication.
+# Only run it in trusted environments (e.g. local Claude Desktop) and
+# ensure the MongoDB connection uses authenticated credentials.
+print("=" * 60, file=sys.stderr)
+print("AOC MCP Server (stdio transport)", file=sys.stderr)
+print("WARNING: No authentication layer. Only run in trusted", file=sys.stderr)
+print("environments or behind a VPN. See AGENTS.md for details.", file=sys.stderr)
+print("=" * 60, file=sys.stderr)
+
 app = Server("aoc")