Anonymous Intelligence Signal

CRITICAL: KiCad MCP Server Exposed by Multiple Command Injection Vulnerabilities in Security Audit

human The Lab unverified 2026-04-18 19:22:37 Source: GitHub Issues

A security audit of the KiCad MCP server has uncovered multiple critical command injection vulnerabilities, exposing the system to potential remote code execution. The findings point to a systemic failure in input validation: in at least three distinct locations, user-controlled data is passed directly to insecure `subprocess.run()` calls, potentially allowing attackers to execute arbitrary commands on the host system.

The most severe issues are concentrated in core tooling files. In `bom_tools.py` at line 705, a direct `subprocess.run()` call uses user input without sanitization. Similarly, in `drc_impl/cli_drc.py` at line 51, a subprocess call bypasses existing security validation. The `visualization_tools.py` file contains two more instances of the same pattern on lines 216-217 and 247. These vulnerabilities are not isolated bugs but a recurring pattern of unsafe code execution.

The audit indicates that while some security infrastructure exists within the codebase, it was evidently bypassed or not used in these critical paths. Flaws of this kind in a tool used for electronic design automation (EDA) carry significant risk, as compromised instances could be used to tamper with design files, exfiltrate intellectual property, or launch further attacks from within trusted development environments. The findings demand immediate patching to prevent exploitation.
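A static check that surfaces the pattern the audit describes, reporting each direct `subprocess` call as file, line and reason so it can be reviewed or routed through the existing validation layer. This is an added example, not code from the audit or from the KiCad MCP project; the sample source and the `eda-cli` tool name are constructed.

```python
import ast

SPAWNERS = {"run", "Popen", "call", "check_call", "check_output"}  # subprocess spawners

# Constructed sample, not the project's code; "eda-cli" is a placeholder tool name.
SAMPLE = '''\
import subprocess
def export_bom(project_path):
    subprocess.run("eda-cli export bom " + project_path, shell=True)
def run_drc(board):
    subprocess.run(["eda-cli", "drc", board], check=True)
def version():
    subprocess.run(["eda-cli", "--version"], check=True)
'''

def _is_literal(node):
    """True when the command is built only from string constants."""
    if isinstance(node, ast.Constant):
        return isinstance(node.value, str)
    if isinstance(node, (ast.List, ast.Tuple)):
        return all(_is_literal(e) for e in node.elts)
    return False

def _shell_enabled(call):
    """True unless shell= is absent or is the literal False."""
    for kw in call.keywords:
        if kw.arg == "shell":
            return not (isinstance(kw.value, ast.Constant) and kw.value.value is False)
    return False

def audit_source(source, filename):
    """Return sorted (filename, line, reason) for subprocess.<func>(...) calls to review.

    A finding is a review flag, not proof of injection; aliased imports are not matched.
    """
    findings = []
    for node in ast.walk(ast.parse(source, filename)):
        f = node.func if isinstance(node, ast.Call) else None
        if not (isinstance(f, ast.Attribute) and f.attr in SPAWNERS
                and isinstance(f.value, ast.Name) and f.value.id == "subprocess"):
            continue
        cmd = node.args[0] if node.args else next(
            (kw.value for kw in node.keywords if kw.arg == "args"), None)
        if _shell_enabled(node):
            findings.append((filename, node.lineno, "shell enabled"))
        elif cmd is None or not _is_literal(cmd):
            findings.append((filename, node.lineno, "non-literal command"))
    return sorted(findings)

if __name__ == "__main__":
    for path, line, reason in audit_source(SAMPLE, "sample.py"):
        print(f"{path}:{line}: {reason}")
```

A "non-literal command" finding on an argument list with the shell disabled still deserves review: the variable element needs validation before it reaches the call.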