Static Scan Results
scanned 6h ago · by rust-scannerStatic analysis flagged 9 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessDynamicRequireEnvironmentVarsFilesystemNetworkShellWebSocket
HighEntropyStringsUrlStrings
Source & flagged code
2 flagged · loading sourcedist/cli.jsView file
188};
L189: var BASE_URL = "https://notebooklm.google.com";
L190: var BATCHEXECUTE_PATH = "/_[redacted]";
...
L207: import { readFileSync, writeFileSync, mkdirSync, existsSync } from "fs";
L208: import { execSync } from "child_process";
L209: import { createInterface } from "readline";
L210: var CONFIG_DIR = join(homedir(), ".notebooklm-mcp");
L211: var AUTH_FILE = join(CONFIG_DIR, "auth.json");
...
L248: try {
L249: const data = JSON.parse(readFileSync(AUTH_FILE, "utf-8"));
L250: if (data.cookies && validateCookies(data.cookies)) {
...
L267: function loadTokensFromEnv() {
High
Sandbox Evasion Gated Capability
Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
dist/cli.jsView on unpkg · L188308}
L309: async function runFileImport(filePath) {
L310: if (!filePath) {
Medium
Dynamic Require
Package source references dynamic require/import behavior.
dist/cli.jsView on unpkg · L308Findings
1 High4 Medium4 Low
HighSandbox Evasion Gated Capabilitydist/cli.js
MediumDynamic Requiredist/cli.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings