
novada-mcp@0.9.0

One MCP server for all web data. Search, scrape, crawl, proxy, and AI research in one install.

AI Security Review

scanned 3d ago · by lpm-firewall-ai

No confirmed malicious attack surface. The package is a Novada MCP server whose network, proxy, browser, and file-write behavior is exposed as documented user-invoked tools.

Static reason
One or more suspicious static signals were detected; previous stored version diff introduced dangerous source.
Trigger
User runs the MCP server or CLI and invokes a Novada tool.
Impact
Package-aligned API usage; possible account or browser actions only through explicit tool calls.
Mechanism
User-invoked web data, proxy, browser, and account-management API wrapper
Rationale
Static inspection found powerful scraping/proxy/browser primitives, but they are documented, user-invoked MCP features with Novada-aligned endpoints, validation, secret redaction, output path constraints, and confirmation gates for destructive account actions. No install-time payload, credential harvesting/exfiltration, persistence, destructive filesystem behavior, or unconsented AI-agent control-surface mutation was found.
Evidence
  • package.json
  • build/index.js
  • build/cli.js
  • build/config.js
  • build/utils/html.js
  • build/utils/output.js
  • build/utils/credentials.js
  • build/tools/browser.js
  • build/tools/capture_apikey.js
  • skills/novada-agent/setup.sh
  • server.json
  • ~/Downloads/novada-mcp/**
Network endpoints (7)
  • scraper.novada.com
  • api.novada.com/g/api/proxy
  • scraperapi.novada.com
  • webunlocker.novada.com
  • api-m.novada.com
  • wss://upg-scbr2.novada.com
  • user-supplied http(s) URLs

Decision evidence

public snapshot
AI called this Clean at 88.0% confidence as Benign with medium false-positive risk.
Evidence for block
  • MCP tools provide web scraping, proxy, and browser automation capabilities.
  • build/tools/browser.js supports user-supplied page.evaluate in cloud browser sessions.
  • build/tools/capture_apikey.js can return/reset Novada capture API keys when tool is invoked.
Evidence against
  • package.json lifecycle hooks only build/test; no install-time execution or hidden downloader.
  • build/index.js starts an MCP stdio server and registers explicit user-invoked tools.
  • Network calls are to Novada service APIs or user-supplied URLs for package-aligned scraping/extraction.
  • build/utils/output.js writes only tool outputs under ~/Downloads/novada-mcp with sanitization.
  • Destructive account actions in capture_apikey, ip_whitelist, and static_ip_mgmt have confirm:true gates.
  • skills/novada-agent/setup.sh only prints setup guidance.
Behavioral surface
Source: ChildProcess, Crypto, EnvironmentVars, Filesystem, Network
Supply chain: HighEntropyStrings, UrlStrings
Manifest: No manifest risk signals triggered.
scanned 75 file(s), 890 KB of source, external domains: api-m.novada.com, api.novada.com, dashboard.novada.com, developer-api.novada.com, docs.example.com, example.com, github.com, scraper.novada.com, scraperapi.novada.com, status.novada.com, web.archive.org, webunlocker.novada.com, www.novada.com

Source & flagged code

8 flagged

build/tools/proxy.js · L126
patternName = generic_password severity = medium line = 126 matchedText = ` proxy... }`,
Medium · Secret Pattern

Package contains a possible secret pattern.
skills/novada-agent/setup.sh
path = skills/novada-agent/setup.sh kind = build_helper sizeBytes = 493 magicHex = [redacted]
Medium · Ships Build Helper

Package ships non-JavaScript build or shell helper files.
build/utils/html.js
matchType = previous_version_dangerous_delta matchedPackage = novada-mcp@0.8.10 matchedIdentity = npm:bm92YWRhLW1jcA:0.8.10 similarity = 0.671 summary = stored previous version shares package body but lacks this dangerous source file
Critical · Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version.
build/tools/proxy_residential.js · L124
patternName = generic_password severity = medium line = 124 matchedText = ` proxy... }`,
Medium · Secret Pattern

Hardcoded password in build/tools/proxy_residential.js
build/tools/proxy_account_create.js · L87
patternName = generic_password severity = medium line = 87 matchedText = password...**",
Medium · Secret Pattern

Hardcoded password in build/tools/proxy_account_create.js
build/tools/proxy_mobile.js · L127
patternName = generic_password severity = medium line = 127 matchedText = ` proxy... }`,
Medium · Secret Pattern

Hardcoded password in build/tools/proxy_mobile.js
build/tools/proxy_datacenter.js · L115
patternName = generic_password severity = medium line = 115 matchedText = ` proxy... }`,
Medium · Secret Pattern

Hardcoded password in build/tools/proxy_datacenter.js
build/tools/proxy_isp.js · L117
patternName = generic_password severity = medium line = 117 matchedText = ` proxy... }`,
Medium · Secret Pattern

Hardcoded password in build/tools/proxy_isp.js

Findings

1 Critical · 10 Medium · 5 Low
  • Critical · Previous Version Dangerous Delta · build/utils/html.js
  • Medium · Secret Pattern · build/tools/proxy.js
  • Medium · Network
  • Medium · Environment Vars
  • Medium · Ships Build Helper · skills/novada-agent/setup.sh
  • Medium · Structural Risk Force Deep Review
  • Medium · Secret Pattern · build/tools/proxy_residential.js
  • Medium · Secret Pattern · build/tools/proxy_account_create.js
  • Medium · Secret Pattern · build/tools/proxy_mobile.js
  • Medium · Secret Pattern · build/tools/proxy_datacenter.js
  • Medium · Secret Pattern · build/tools/proxy_isp.js
  • Low · Non Install Lifecycle Scripts
  • Low · Scripts Present
  • Low · Filesystem
  • Low · High Entropy Strings
  • Low · Url Strings