MCP Observatory
github analyzed fc05430

superglue-ai/superglue

github

superglue (YC W25) builds integrations and tools from natural language. Get production-grade tools for long tail and enterprise systems.

maintainer
superglue-ai
license
NOASSERTION
first seen
2026-06-01
last seen
2026-06-04
releases · 30d
0
short id

Drift inferred · capture-to-capture

  1. HIGH code analysis flagged dynamic code execution ×6 in superglue-ai/superglue
capabilities0 tools
transport streamable-http · http counts 0 tools · 0 res · 0 prompts permission surface via code analysis

no tools enumerated yet for this server.

skills & danger signalsgithub-tarball
prompt-surface shipped agent-instruction files + hidden-content / dangerous-code findings — quoted from the analyzed source

analyzed commit fc05430 · analyzer v17 · 1h ago

skills & prompt files 3

danger signals12

code evidencevHEAD · github-tarball
evidence-backed findings quoted directly from the published source artifact — not inferred

filesystem 11

  • fs superglue-ai-superglue-fc05430/eval/integration-evals/utils/doc-eval-config-loader.ts :1 import * as fs from 'fs';
  • fs superglue-ai-superglue-fc05430/eval/integration-evals/utils/doc-eval-fetcher.ts :4 import * as fs from 'fs';
  • fs superglue-ai-superglue-fc05430/eval/integration-evals/utils/doc-eval-retrieval-evaulator.ts :6 import * as fs from 'fs';
  • fs superglue-ai-superglue-fc05430/eval/legacy-api-ranking/generate-api-ranking.ts :2 // import fs from 'fs';
  • fs superglue-ai-superglue-fc05430/eval/legacy-api-ranking/utils/config-loader.ts :1 import * as fs from 'fs';
  • fs superglue-ai-superglue-fc05430/eval/legacy-api-ranking/utils/setup-manager.ts :3 import fs from 'fs';
  • fs superglue-ai-superglue-fc05430/eval/tool-evals/config/config-loader.ts :1 import { access, readFile } from "node:fs/promises";
  • fs superglue-ai-superglue-fc05430/eval/tool-evals/reporters/csv-reporter.ts :2 import { writeFileSync, mkdirSync, existsSync } from "fs";
  • fs superglue-ai-superglue-fc05430/eval/tool-evals/reporters/json-reporter.ts :2 import { writeFileSync } from "fs";
  • fs superglue-ai-superglue-fc05430/packages/core/utils/html-markdown-pool.ts :1 import { existsSync } from "fs";
  • fs superglue-ai-superglue-fc05430/packages/core/worker/worker-pool-registry.ts :3 import { existsSync } from "fs";

shell / exec 3

  • shell superglue-ai-superglue-fc05430/eval/sdk-test/run-with-server.js :1 import { spawn } from 'child_process';
  • shell superglue-ai-superglue-fc05430/packages/core/deno/deno-worker.ts :5 import { spawn, ChildProcess } from "child_process";
  • shell superglue-ai-superglue-fc05430/packages/web/src/lib/external/anthropic-mcp/client/stdio.ts :1 import { ChildProcess, IOType } from "node:child_process";

network 38

  • net superglue-ai-superglue-fc05430/eval/legacy-api-ranking/direct-llm-evaluator.ts :265 // 2. Make API calls using fetch()
  • net superglue-ai-superglue-fc05430/eval/llm-benchmark-evals/services/llm-code-generator.ts :79 2. Make API calls using fetch()
  • net superglue-ai-superglue-fc05430/eval/sdk-test/run-with-server.js :5 import http from 'http';
  • net superglue-ai-superglue-fc05430/eval/tool-evals/ui/dashboard.js :838 const response = await fetch('../data/benchmark/tool-eval-benchmark.json');
  • net superglue-ai-superglue-fc05430/packages/core/api/runs.ts :28 await fetch(`${schedulerUrl}/v1/runs/${encodeURIComponent(runId)}/cancel`, {
  • net superglue-ai-superglue-fc05430/packages/core/api/systems-documentation.ts :2 import axios from "axios";
  • net superglue-ai-superglue-fc05430/packages/core/deno-runtime/strategies/http.ts :4 * Uses native fetch() for HTTP requests with pagination support.
  • net superglue-ai-superglue-fc05430/packages/core/documentation/documentation-fetching.ts :43 import axios from "axios";
  • net superglue-ai-superglue-fc05430/packages/core/documentation/documentation-utils.ts :6 import axios from "axios";
  • net superglue-ai-superglue-fc05430/packages/core/documentation/strategies/fetching-axios.ts :8 import axios from "axios";
  • net superglue-ai-superglue-fc05430/packages/core/documentation/strategies/fetching-graphql.ts :8 import axios from "axios";
  • net superglue-ai-superglue-fc05430/packages/core/documentation/strategies/fetching-llms-txt.ts :9 import axios from "axios";
  • net superglue-ai-superglue-fc05430/packages/core/documentation/strategies/fetching-playwright.ts :12 import axios from "axios";
  • net superglue-ai-superglue-fc05430/packages/core/documentation/strategies/openapi-swaggerhub.ts :1 import axios from "axios";
  • net superglue-ai-superglue-fc05430/packages/core/documentation/strategies/openapi-swaggerui.ts :1 import axios from "axios";
  • net superglue-ai-superglue-fc05430/packages/core/mcp/mcp-server.ts :8 import type { IncomingMessage, ServerResponse } from "http";
  • net superglue-ai-superglue-fc05430/packages/core/notifications/notifiers/slack-notifier.ts :2 import axios from "axios";
  • net superglue-ai-superglue-fc05430/packages/core/tunnel/tunnel-service.ts :3 import * as net from "net";
  • net superglue-ai-superglue-fc05430/packages/core/utils/http.ts :6 import axios, { AxiosRequestConfig, AxiosResponse } from "axios";
  • net superglue-ai-superglue-fc05430/packages/core/utils/oauth-token-refresh.ts :7 import axios from "axios";
  • net superglue-ai-superglue-fc05430/packages/core/utils/webhook.ts :1 import { AxiosRequestConfig } from "axios";
  • net superglue-ai-superglue-fc05430/packages/sdk/js/src/fetcher.ts :10 const response = await fetch(`${baseUrl}${url}`, {
  • net superglue-ai-superglue-fc05430/packages/shared/sse-log-subscription.ts :64 const response = await fetch(url, {
  • net superglue-ai-superglue-fc05430/packages/shared/superglue-client.ts :77 response = await fetch(url, {
  • net superglue-ai-superglue-fc05430/packages/web/src/app/api/auth/callback/route.ts :5 import axios from "axios";
  • net superglue-ai-superglue-fc05430/packages/web/src/app/client-layout.tsx :61 const response = await fetch(`${apiEndpoint.replace(/\/$/, "")}/v1/tenant-info`, {
  • net superglue-ai-superglue-fc05430/packages/web/src/app/environment-context.tsx :64 const response = await fetch(`${config.apiEndpoint}/v1/systems/has-multi-env`, {
  • net superglue-ai-superglue-fc05430/packages/web/src/components/agent/hooks/use-agent-request.ts :275 const response = await fetch(chatEndpoint, {
  • net superglue-ai-superglue-fc05430/packages/web/src/components/auth/AuthModal.tsx :52 const response = await fetch(`${apiUrl}/v1/tools`, {
  • net superglue-ai-superglue-fc05430/packages/web/src/components/upgrade/UpgradeModalContext.tsx :191 const response = await fetch("https://billing.superglue.cloud/v1/billing/checkout", {
  • net superglue-ai-superglue-fc05430/packages/web/src/lib/connection-monitor.ts :53 const response = await fetch(`${endpoint}/v1/health`);
  • net superglue-ai-superglue-fc05430/packages/web/src/lib/ee-superglue-client.ts :558 const response = await fetch(`${this.apiEndpoint}${path}`, {
  • net superglue-ai-superglue-fc05430/packages/web/src/lib/file-upload.ts :14 const response = await fetch(uploadUrl, {
  • net superglue-ai-superglue-fc05430/packages/web/src/lib/oauth-utils.ts :240 await fetch("/api/auth/init-oauth", {
  • net superglue-ai-superglue-fc05430/packages/web/src/lib/sse-subscriptions.ts :36 const response = await fetch(url, {
  • net superglue-ai-superglue-fc05430/packages/web/src/queries/doc-files.ts :69 fetch(info.uploadUrl, {
  • net superglue-ai-superglue-fc05430/packages/web/src/queries/org.ts :24 const response = await fetch(`https://billing.superglue.cloud/v1/billing/status/${userId}`);
  • net superglue-ai-superglue-fc05430/packages/web/src/queries/systems.ts :37 const response = await fetch(`${apiEndpoint}/v1/tunnels`, {

secrets 19

  • secrets superglue-ai-superglue-fc05430/eval/legacy-api-ranking/direct-llm-evaluator.ts :415 // if (!process.env.OPENAI_API_KEY) {
  • secrets superglue-ai-superglue-fc05430/eval/sdk-test/index.ts :10 const apiKey = process.env.AUTH_TOKEN;
  • secrets superglue-ai-superglue-fc05430/packages/core/api/oauth.ts :93 const masterKey = process.env.MASTER_ENCRYPTION_KEY;
  • secrets superglue-ai-superglue-fc05430/packages/core/bootstrap/oss-bootstrap.ts :42 const authToken = process.env.AUTH_TOKEN || process.env.NEXT_PUBLIC_SUPERGLUE_API_KEY;
  • secrets superglue-ai-superglue-fc05430/packages/core/datastore/datastore.ts :38 password: process.env.POSTGRES_PASSWORD!,
  • secrets superglue-ai-superglue-fc05430/packages/core/filestore/s3-file-service.ts :44 const accessKeyId = process.env.AWS_ACCESS_KEY_ID;
  • secrets superglue-ai-superglue-fc05430/packages/core/llm/llm-tools.ts :7 if (!process.env.TAVILY_API_KEY) {
  • secrets superglue-ai-superglue-fc05430/packages/core/notifications/notifiers/email-notifier.ts :10 const apiKey = process.env.RESEND_API_KEY;
  • secrets superglue-ai-superglue-fc05430/packages/core/shared/environment.ts :14 if (process.env.LLM_PROVIDER?.toUpperCase() === "OPENAI" && !process.env.OPENAI_API_KEY) {
  • secrets superglue-ai-superglue-fc05430/packages/core/utils/encryption.ts :11 const masterKeyString = process.env.MASTER_ENCRYPTION_KEY;
  • secrets superglue-ai-superglue-fc05430/packages/shared/utils/ai-model-init.ts :36 if (process.env.AI_GATEWAY_API_KEY && process.env.AI_GATEWAY_MODEL) {
  • secrets superglue-ai-superglue-fc05430/packages/web/instrumentation.ts :13 if (!process.env.LANGFUSE_SECRET_KEY || !process.env.LANGFUSE_PUBLIC_KEY) {
  • secrets superglue-ai-superglue-fc05430/packages/web/src/app/api/auth/callback/route.ts :396 const masterKey = process.env.MASTER_ENCRYPTION_KEY;
  • secrets superglue-ai-superglue-fc05430/packages/web/src/app/layout.tsx :46 const apiKey = process.env.AUTH_TOKEN || process.env.NEXT_PUBLIC_SUPERGLUE_API_KEY;
  • secrets superglue-ai-superglue-fc05430/packages/web/src/lib/agent/agent-request.ts :466 if (process.env.TAVILY_API_KEY) {
  • secrets superglue-ai-superglue-fc05430/packages/web/src/lib/api-auth.ts :31 const envToken = process.env.AUTH_TOKEN;
  • secrets superglue-ai-superglue-fc05430/packages/web/src/lib/auth.ts :21 password: process.env.POSTGRES_PASSWORD,
  • secrets superglue-ai-superglue-fc05430/scripts/decrypt-credentials.ts :10 const masterKeyString = process.env.MASTER_ENCRYPTION_KEY;
  • secrets superglue-ai-superglue-fc05430/scripts/migrate.ts :319 password: process.env.REDIS_PASSWORD,

database 5

  • db superglue-ai-superglue-fc05430/packages/core/datastore/ee/postgres.ts :11 import type { PoolConfig } from "pg";
  • db superglue-ai-superglue-fc05430/packages/core/datastore/postgres.ts :16 import { Pool, PoolConfig } from "pg";
  • db superglue-ai-superglue-fc05430/packages/core/utils/postgres.ts :7 import { Pool, PoolConfig } from "pg";
  • db superglue-ai-superglue-fc05430/packages/web/src/lib/auth.ts :5 import pg from "pg";
  • db superglue-ai-superglue-fc05430/scripts/migrate.ts :3 import { createClient } from "redis";

declared dependencies 17

  • @types/node@^20.0.0
  • d3-time@^3.1.0
  • dotenv@^16.4.7
  • dotenv-cli@^8.0.0
  • posthog-js@^1.370.0
  • superglue@github:superglue-ai/superglue#main
  • typescript@^5.0.0
  • @playwright/test@^1.55.0
  • @secretlint/secretlint-rule-preset-recommend@^11.2.5
  • lefthook@^2.0.3
  • mcp-remote@^0.1.5
  • prettier@3.7.4
  • secretlint@^11.2.5
  • ts-node@^10.9.2
  • tsx@^4.20.6
  • turbo@^2.7.2
  • vitest@^3.2.4