The terminal-controller-mcp software contains a command blocklist that is trivially bypassable, enabling unrestricted remote code execution (RCE) via crafted input.
