
Fix Dependabot security alerts: remove vulnerable langchain-core, upgrade fastmcp#155

Merged
sanjaychelliah merged 2 commits into main from copilot/fix-dependabot-security-alerts
May 5, 2026

Conversation

Contributor

Copilot AI commented May 5, 2026

Two vulnerable dependencies in the MCP agent examples were flagged by Dependabot: langchain-core==0.3.52 (3 CVEs) and fastmcp>=2.3.4 (10 CVEs).

Changes

agents/mcp/chat-mcp-agent/requirements.txt

  • Removed langchain-core==0.3.52 — not imported anywhere in the agent code; eliminates CVE-2025-65106 (template injection), CVE-2025-68664 (serialization injection), and a path traversal CVE (patched only in >=1.2.22, no 0.3.x backport)
  • fastmcp>=2.3.4 → fastmcp>=3.2.4

agents/mcp/llm-mcp-agent/requirements.txt

  • fastmcp>=2.3.4 → fastmcp>=3.2.4

fastmcp CVEs resolved by >=3.2.4

| CVE | Severity | Fixed in |
| --- | --- | --- |
| XSS via OAuth callback HTML | High | 2.13.0 |
| Confused Deputy / auth account takeover | High | 2.13.0 |
| Command injection via server_name (Windows deep link + CLI) | High | 2.13.0 / 3.2.0 |
| OAuth proxy token reuse across MCP servers | High | 2.14.2 |
| Missing OAuth consent verification in proxy callback | High | 3.2.0 |
| SSRF + Path Traversal via unencoded URL path params | High | 3.2.0 |
| File upload size limit bypass | Medium | 3.2.4 |
| OAuth audience confusion / cross-tenant token reuse | High | 3.2.4 |
| Credential leakage via forwarded Authorization header | High | 3.2.4 |

Warning

Firewall rules blocked me from connecting to one or more addresses

I tried to connect to the following addresses, but was blocked by firewall rules:

  • api.osv.dev
    • Triggering command: /home/REDACTED/work/_temp/ghcca-node/node/bin/node /home/REDACTED/work/_temp/ghcca-node/node/bin/node --enable-source-maps /home/REDACTED/work/_temp/copilot-developer-action-main/dist/index.js (dns block)
  • https://api.github.com/repos/Clarifai/examples/dependabot/alerts
    • Triggering command: /usr/bin/curl curl -s -H Authorization: token REDACTED (http block)
  • nvd.nist.gov
    • Triggering command: /home/REDACTED/work/_temp/ghcca-node/node/bin/node /home/REDACTED/work/_temp/ghcca-node/node/bin/node --enable-source-maps /home/REDACTED/work/_temp/copilot-developer-action-main/dist/index.js (dns block)
  • osv.dev
    • Triggering command: /home/REDACTED/work/_temp/ghcca-node/node/bin/node /home/REDACTED/work/_temp/ghcca-node/node/bin/node --enable-source-maps /home/REDACTED/work/_temp/copilot-developer-action-main/dist/index.js (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

Original prompt

Fix all currently open Dependabot security alerts in the repository by updating vulnerable dependencies to secure versions and making any required compatibility code/configuration changes.

Requirements:

  1. Identify all open Dependabot security alerts in the repository.
  2. Remediate each alert by upgrading or replacing affected dependencies to non-vulnerable versions.
  3. Prefer minimal-risk upgrades, but use major upgrades when necessary to resolve vulnerabilities.
  4. Update lockfiles and manifests consistently.
  5. Ensure the project still builds/tests successfully; adjust code where dependency API changes require it.
  6. Include clear PR description summarizing each alert fixed and dependency changes made.
  7. If any alert cannot be fully remediated, document why and include best-effort mitigation.

Repository: Clarifai/examples

The following is the prior conversation context from the user's chat exploration (may be truncated):

User: create a PR to fix all the dependabot alerts

Assistant: I can do that, but I need one clarification before I proceed: please provide the full repository URL (or owner/repo), because Clarifai/examples/security/dependabot is a security page path, not a clone/repo identifier I can safely use for PR creation.

Once you confirm the repo (for example: Clarifai/examples), I’ll open a PR to address all Dependabot alerts.

User: https://github.com/Clarifai/examples

Assistant: Thanks — I’ve started the PR creation process to fix the Dependabot alerts in Clarifai/examples, and we’re currently waiting for your confirmation in the approval dialog to continue.

This pull request was created from Copilot chat.
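The two claims a reviewer has to verify in a PR like this are (1) that the new `>=` floor is at or above the "Fixed in" version of every listed advisory, and (2) that a pin being deleted is really unused in the tree. The script below is an added example written for this page, not code from the PR or from the Clarifai/examples repository. It transcribes the fixed-in table from the description, uses only the standard library, and runs against a constructed stand-in for the agent source (`SAMPLE_AGENT`, `OLD_REQUIREMENTS`, `NEW_REQUIREMENTS` are invented sample data); the assumption that a distribution's import name equals its name with `-` replaced by `_` holds for `langchain-core` and `fastmcp` but is a heuristic in general.

```python
"""Reviewer checks for a dependency-bump PR (added example, not repo code).
  1. Does a '>=floor' constraint clear every advisory's fixed-in version?
  2. Is a pin being removed genuinely unused (nothing in the tree imports it)?
"""
from __future__ import annotations

import ast
import re
from pathlib import Path

# Transcribed from the CVE table in the PR description (labels shortened).
# Where a fix shipped on two release lines ("2.13.0 / 3.2.0") both are kept.
FASTMCP_FIXED_IN: dict[str, list[str]] = {
    "XSS via OAuth callback HTML": ["2.13.0"],
    "Confused Deputy / auth account takeover": ["2.13.0"],
    "Command injection via server_name": ["2.13.0", "3.2.0"],
    "OAuth proxy token reuse across MCP servers": ["2.14.2"],
    "Missing OAuth consent verification in proxy callback": ["3.2.0"],
    "SSRF + Path Traversal via unencoded URL path params": ["3.2.0"],
    "File upload size limit bypass": ["3.2.4"],
    "OAuth audience confusion / cross-tenant token reuse": ["3.2.4"],
    "Credential leakage via forwarded Authorization header": ["3.2.4"],
}


def parse_version(v: str) -> tuple[int, ...]:
    """'3.2.4' -> (3, 2, 4); enough for plain X.Y.Z release numbers."""
    return tuple(int(p) for p in v.strip().split("."))


def uncleared_advisories(floor: str, fixed_in: dict[str, list[str]]) -> list[str]:
    """Advisories a '>=floor' constraint does NOT rule out.

    The floor is compared with the HIGHEST fixed-in version of each advisory.
    That is the conservative reading: for '2.13.0 / 3.2.0' a 3.0.0 floor is
    above 2.13.0 but still below the 3.x fix, so it must be reported."""
    f = parse_version(floor)
    return [name for name, versions in fixed_in.items()
            if f < max(parse_version(v) for v in versions)]


# One-specifier lines only; extras, URLs and multi-specifier lines are skipped.
_REQ_RE = re.compile(
    r"^([A-Za-z0-9][A-Za-z0-9_.-]*)\s*(==|>=|~=|>|<=|<|!=)\s*([0-9][0-9A-Za-z.]*)$")


def parse_requirements(text: str) -> dict[str, tuple[str, str]]:
    """Map normalised package name ('-' -> '_', lowercase) -> (operator, version)."""
    reqs: dict[str, tuple[str, str]] = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        m = _REQ_RE.match(line)
        if m:
            reqs[m.group(1).lower().replace("-", "_")] = (m.group(2), m.group(3))
    return reqs


def imported_modules(sources: dict[str, str]) -> set[str]:
    """Top-level module names imported anywhere in a {path: code} map."""
    mods: set[str] = set()
    for path, code in sources.items():
        for node in ast.walk(ast.parse(code, filename=path)):
            if isinstance(node, ast.Import):
                mods.update(a.name.split(".")[0] for a in node.names)
            elif isinstance(node, ast.ImportFrom) and node.module and node.level == 0:
                mods.add(node.module.split(".")[0])   # skip relative imports
    return mods


def unused_pins(requirements: dict[str, tuple[str, str]],
                sources: dict[str, str]) -> set[str]:
    """Requirements with no matching top-level import (heuristic, see lead-in).

    A hit is a candidate to confirm by grep, not proof: the import name may
    differ from the distribution name, and a transitive dependency may still
    pull the package in at a version you did not choose."""
    imported = {m.lower() for m in imported_modules(sources)}
    return {name for name in requirements if name not in imported}


def load_sources(root: Path) -> dict[str, str]:
    """Read every .py file under root, for use with the functions above."""
    return {str(p): p.read_text(encoding="utf-8") for p in root.rglob("*.py")}


# --- constructed sample data standing in for the repo's files ---
OLD_REQUIREMENTS = "langchain-core==0.3.52\nfastmcp>=2.3.4\n"
NEW_REQUIREMENTS = "fastmcp>=3.2.4\n"
SAMPLE_AGENT = {
    "agents/mcp/chat-mcp-agent/agent.py": (
        "import os\n"
        "from fastmcp import Client\n"
        "async def run():\n"
        "    async with Client(os.environ['MCP_URL']) as c:\n"
        "        return await c.list_tools()\n"
    ),
}


def review(old_req: str, new_req: str, sources: dict[str, str]) -> dict[str, object]:
    """Summarise both checks for an old and a new requirements text."""
    old, new = parse_requirements(old_req), parse_requirements(new_req)
    return {
        "old_floor_uncleared": uncleared_advisories(old["fastmcp"][1], FASTMCP_FIXED_IN),
        "new_floor_uncleared": uncleared_advisories(new["fastmcp"][1], FASTMCP_FIXED_IN),
        "removed": sorted(set(old) - set(new)),
        "unused_before": sorted(unused_pins(old, sources)),
    }


if __name__ == "__main__":
    for key, value in review(OLD_REQUIREMENTS, NEW_REQUIREMENTS, SAMPLE_AGENT).items():
        print(f"{key}: {value}")
```

Two caveats the script makes visible: a floor of `>=3.2.0` would still leave the three advisories fixed in 3.2.4 open, which is why the bump goes to 3.2.4 and not merely to the 3.x line; and a `>=` floor is only a lower bound, so it excludes the old releases but does not stop a later vulnerable release from being resolved, which is what the prompt's "update lockfiles" requirement is for. Before trusting the unused-pin result on a real checkout, run `python -m pip show langchain-core` in the environment and read its `Required-by:` line to see whether another package pulls it in transitively.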

Copilot AI self-assigned this May 5, 2026
Copilot AI review requested due to automatic review settings May 5, 2026 15:25
…rable langchain-core

Agent-Logs-Url: https://github.com/Clarifai/examples/sessions/74565200-f943-44d5-b4c1-22accf74d48f

Co-authored-by: sanjaychelliah <65780631+sanjaychelliah@users.noreply.github.com>
Copilot AI requested review from Copilot and removed request for Copilot May 5, 2026 15:42
Copilot AI changed the title [WIP] Fix all currently open Dependabot security alerts Fix Dependabot security alerts: remove vulnerable langchain-core, upgrade fastmcp May 5, 2026
Copilot AI requested a review from sanjaychelliah May 5, 2026 15:46
@sanjaychelliah sanjaychelliah marked this pull request as ready for review May 5, 2026 15:50
Copilot AI review requested due to automatic review settings May 5, 2026 15:50
@sanjaychelliah sanjaychelliah merged commit ac0fa2a into main May 5, 2026
5 checks passed

Copilot AI left a comment


Pull request overview

This PR addresses Dependabot security alerts in the MCP agent examples by removing an unused vulnerable dependency and upgrading fastmcp to a non-vulnerable major version.

Changes:

  • Upgraded fastmcp from >=2.3.4 to >=3.2.4 in both MCP agent examples.
  • Removed langchain-core==0.3.52 from chat-mcp-agent since it is not used by the agent code.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.

| File | Description |
| --- | --- |
| agents/mcp/chat-mcp-agent/requirements.txt | Removes langchain-core and upgrades fastmcp to resolve Dependabot alerts. |
| agents/mcp/llm-mcp-agent/requirements.txt | Upgrades fastmcp to resolve Dependabot alerts. |
