<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Filesystem Security on aniket/awwfensive</title><link>https://awwfensive.github.io/tags/filesystem-security/</link><description>Recent content in Filesystem Security on aniket/awwfensive</description><generator>Hugo</generator><language>en-US</language><copyright>Copyright (c) 2025, aniket.</copyright><lastBuildDate>Tue, 14 Jul 2026 00:00:00 +0000</lastBuildDate><atom:link href="https://awwfensive.github.io/tags/filesystem-security/index.xml" rel="self" type="application/rss+xml"/><item><title>Breaking Flyto's MCP Recipe Runner: A Path Traversal Vulnerability</title><link>https://awwfensive.github.io/escaping-the-recipe-book-path-traversal-in-flytos-run-recipe/</link><pubDate>Tue, 14 Jul 2026 00:00:00 +0000</pubDate><guid>https://awwfensive.github.io/escaping-the-recipe-book-path-traversal-in-flytos-run-recipe/</guid><description>&lt;h2 id="what-is-flyto-core"&gt;What is flyto-core?&lt;/h2&gt;
&lt;p&gt;&lt;a href="https://github.com/flytohub/flyto-core"&gt;Flyto Core&lt;/a&gt; is the core execution engine of the Flyto platform that runs automation workflows by orchestrating modules, managing execution state, handling variables and secrets, and recording evidence throughout the workflow lifecycle.&lt;/p&gt;
&lt;figure class="clickable-img"&gt;&lt;img src="https://awwfensive.github.io/flyto/1.png"
 alt="repo"&gt;
&lt;/figure&gt;

&lt;h2 id="what-are-flyto-recipes"&gt;What are Flyto recipes?&lt;/h2&gt;
&lt;p&gt;Flyto supports reusable, pre-built YAML workflows called recipes. They are intended to live in the bundled &lt;code&gt;src/recipes/&lt;/code&gt; directory, be listed through &lt;code&gt;list_recipes()&lt;/code&gt;, and be executed by name through the CLI or MCP &lt;code&gt;run_recipe&lt;/code&gt; tool.&lt;/p&gt;</description></item></channel></rss>