Static Scan Results
scanned 2h ago · by rust-scannerStatic analysis flagged 9 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessDynamicRequireEnvironmentVarsFilesystemNetworkShellWebSocket
HighEntropyStringsUrlStrings
Source & flagged code
2 flagged · loading sourcedist/cli.jsView file
171};
L172: var BASE_URL = "https://notebooklm.google.com";
L173: var BATCHEXECUTE_PATH = "/_[redacted]";
...
L190: import { readFileSync, writeFileSync, mkdirSync, existsSync } from "fs";
L191: import { execSync } from "child_process";
L192: import { createInterface } from "readline";
L193: var CONFIG_DIR = join(homedir(), ".notebooklm-mcp");
L194: var AUTH_FILE = join(CONFIG_DIR, "auth.json");
...
L231: try {
L232: const data = JSON.parse(readFileSync(AUTH_FILE, "utf-8"));
L233: if (data.cookies && validateCookies(data.cookies)) {
...
L250: function loadTokensFromEnv() {
High
Sandbox Evasion Gated Capability
Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
dist/cli.jsView on unpkg · L171291}
L292: async function runFileImport(filePath) {
L293: if (!filePath) {
Medium
Dynamic Require
Package source references dynamic require/import behavior.
dist/cli.jsView on unpkg · L291Findings
1 High4 Medium4 Low
HighSandbox Evasion Gated Capabilitydist/cli.js
MediumDynamic Requiredist/cli.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings