registry  /  mne-docs-mcp  /  1.0.50

mne-docs-mcp@1.0.50

DEPRECATED - superseded by the 'mne-docs' Python package on PyPI. MCP server for MNE-Python documentation, source code, GitHub issues, and forum.

Static Scan Results

scanned 3h ago · by rust-scanner

Static analysis flagged 10 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystemNetworkShell
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 45 file(s), 253 KB of source, external domains: 127.0.0.1, api.github.com, github.com, mne.discourse.group, mne.tools

Source & flagged code

2 flagged · loading source
dist/config.jsView file
8sourcePath: 'mne/', L9: docsUrl: 'https://mne.tools/stable/', L10: }, ... L113: archiveCacheMaxVersions: z.coerce.number().default(5), L114: pythonPath: z.string().default(process.platform === 'win32' ? 'python' : 'python3'), L115: parserTimeout: z.coerce.number().default(10000), ... L120: const config = { L121: port: process.env.MNE_PORT, L122: host: process.env.MNE_HOST,
High
Sandbox Evasion Gated Capability

Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.

dist/config.jsView on unpkg · L8
python/parser.pyView file
path = python/parser.py kind = build_helper sizeBytes = 2190 magicHex = [redacted]
Medium
Ships Build Helper

Package ships non-JavaScript build or shell helper files.

python/parser.pyView on unpkg

Findings

1 High4 Medium5 Low
HighSandbox Evasion Gated Capabilitydist/config.js
MediumNetwork
MediumEnvironment Vars
MediumShips Build Helperpython/parser.py
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings