Wanaku Tool Service ExecClient Logs Sensitive Command URIs at INFO Level, Risking Credential Exposure

A critical vulnerability within Wanaku's tool execution framework exposes sensitive data, including potential API keys and credentials, through standard application logs. The flaw resides in the `ExecClient` component, which logs the full command URI at the INFO level before executing a tool. This logging practice means any sensitive parameters embedded in the URI—such as authentication tokens or database connection strings—are written to log files accessible to anyone with standard system or application monitoring permissions.

The issue is pinpointed in the Java source file `ExecClient.java`. The problematic line of code, `LOG.infof("Invoking tool at URI: %s", parsedRequest.uri());`, records the complete, unredacted URI. This occurs whenever a tool registered with the MCP (Model Context Protocol) router is invoked. The vulnerability is easily reproducible: any tool invocation with a URI containing sensitive parameters will have those details captured in the INFO log stream, creating a clear path for credential harvesting.

The exposure raises immediate security and compliance risks for any deployment using the Wanaku tool service. Unrestricted INFO-level logging of user input is a fundamental security misstep, violating the principle of least privilege for log data. While the code may be intended for operational visibility, the current implementation fails to distinguish between benign metadata and potentially critical secrets. The expected behavior would involve either suppressing such logs entirely at the INFO level, moving them to DEBUG or TRACE levels only accessible during troubleshooting, or implementing robust redaction of parameters before any log entry is written.