registry  /  novada-mcp  /  0.9.1

novada-mcp@0.9.1

One MCP server for all web data. Search, scrape, crawl, proxy, and AI research in one install.

Static Scan Results

scanned 3d ago · by rust-scanner

Static analysis flagged 15 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystemNetwork
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 75 file(s), 890 KB of source, external domains: api-m.novada.com, api.novada.com, dashboard.novada.com, developer-api.novada.com, docs.example.com, example.com, github.com, scraper.novada.com, scraperapi.novada.com, status.novada.com, web.archive.org, webunlocker.novada.com, www.novada.com

Source & flagged code

7 flagged · loading source
build/tools/proxy.jsView file
126patternName = generic_password severity = medium line = 126 matchedText = ` proxy... }`,
Medium
Secret Pattern

Package contains a possible secret pattern.

build/tools/proxy.jsView on unpkg · L126
skills/novada-agent/setup.shView file
path = skills/novada-agent/setup.sh kind = build_helper sizeBytes = 493 magicHex = [redacted]
Medium
Ships Build Helper

Package ships non-JavaScript build or shell helper files.

skills/novada-agent/setup.shView on unpkg
build/tools/proxy_residential.jsView file
124patternName = generic_password severity = medium line = 124 matchedText = ` proxy... }`,
Medium
Secret Pattern

Hardcoded password in build/tools/proxy_residential.js

build/tools/proxy_residential.jsView on unpkg · L124
build/tools/proxy_account_create.jsView file
87patternName = generic_password severity = medium line = 87 matchedText = password...**",
Medium
Secret Pattern

Hardcoded password in build/tools/proxy_account_create.js

build/tools/proxy_account_create.jsView on unpkg · L87
build/tools/proxy_mobile.jsView file
127patternName = generic_password severity = medium line = 127 matchedText = ` proxy... }`,
Medium
Secret Pattern

Hardcoded password in build/tools/proxy_mobile.js

build/tools/proxy_mobile.jsView on unpkg · L127
build/tools/proxy_datacenter.jsView file
115patternName = generic_password severity = medium line = 115 matchedText = ` proxy... }`,
Medium
Secret Pattern

Hardcoded password in build/tools/proxy_datacenter.js

build/tools/proxy_datacenter.jsView on unpkg · L115
build/tools/proxy_isp.jsView file
117patternName = generic_password severity = medium line = 117 matchedText = ` proxy... }`,
Medium
Secret Pattern

Hardcoded password in build/tools/proxy_isp.js

build/tools/proxy_isp.jsView on unpkg · L117

Findings

10 Medium5 Low
MediumSecret Patternbuild/tools/proxy.js
MediumNetwork
MediumEnvironment Vars
MediumShips Build Helperskills/novada-agent/setup.sh
MediumStructural Risk Force Deep Review
MediumSecret Patternbuild/tools/proxy_residential.js
MediumSecret Patternbuild/tools/proxy_account_create.js
MediumSecret Patternbuild/tools/proxy_mobile.js
MediumSecret Patternbuild/tools/proxy_datacenter.js
MediumSecret Patternbuild/tools/proxy_isp.js
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings