npm analyzed 4.0.0

@kernlang/review-mcp

v4.0.0

npm

MCP server security scanner — static analysis for Model Context Protocol implementations

Drift inferred · capture-to-capture

HIGH 2026-06-04 code analysis flagged committed secret ×3, dynamic code execution ×13 in @kernlang/review-mcp

capabilities 0 tools

transport stdio · streamable-http · http · sse counts 0 tools · 0 res · 0 prompts permission surface via code analysis

no tools enumerated yet for this server.

code evidence v4.0.0 · npm-tarball

evidence-backed findings quoted directly from the published source artifact — not inferred

fs package/dist/badge.js :4 import * as fs from 'fs';
fs package/dist/cli.js :2 import * as fs from 'fs';
fs package/dist/config-scan.js :7 import { existsSync, readFileSync } from 'fs';
fs package/dist/rule-compiler.js :9 import { readdirSync, readFileSync } from 'fs';
fs package/dist/tool-pin.js :9 import * as fs from 'fs';
fs package/dist/workspace-scan.js :4 import * as fs from 'fs';
fs package/scripts/compile-rules.mjs :9 import { readFileSync, writeFileSync, readdirSync } from 'fs';
fs package/src/badge.ts :5 import * as fs from 'fs';
fs package/src/cli.ts :3 import * as fs from 'fs';
fs package/src/config-scan.ts :8 import { existsSync, readFileSync } from 'fs';
fs package/src/rule-compiler.ts :11 import { readdirSync, readFileSync } from 'fs';
fs package/src/tool-pin.ts :10 import * as fs from 'fs';
fs package/src/workspace-scan.ts :7 import * as fs from 'fs';

shell package/dist/infer-mcp.js :23 const SHELL_EXEC_PATTERN = /\b(exec|execSync|execFile|execFileSync|spawn|spawnSync|child_process)\b/;
shell package/dist/rules/checks/mcp01-cmd-injection.js :83 findings.push(finding('mcp-command-injection', 'error', `eval()/exec() in MCP tool handler — arbitrary code execution risk`, filePath, i + 1, 'Never use eval/exec with user-supplied input. Use ast.lit
shell package/dist/rules/checks/mcp11-excessive-permissions.js :21 : /\b(execSync|execFile|spawn|spawnSync|child_process)/;
shell package/dist/rules/mcp-patterns.js :10 export const TS_EXEC_SINKS = /\b(exec|execSync|execFile|execFileSync|spawn|spawnSync|child_process)\s*\(|\beval\s*\(|\bnew\s+Function\s*\(/;
shell package/dist/server-inspector.js :14 import { spawn } from 'child_process';
shell package/src/infer-mcp.ts :28 const SHELL_EXEC_PATTERN = /\b(exec|execSync|execFile|execFileSync|spawn|spawnSync|child_process)\b/;
shell package/src/rules/checks/mcp01-cmd-injection.ts :148 `eval()/exec() in MCP tool handler — arbitrary code execution risk`,
shell package/src/rules/checks/mcp11-excessive-permissions.ts :25 : /\b(execSync|execFile|spawn|spawnSync|child_process)/;
shell package/src/rules/mcp-patterns.ts :13 /\b(exec|execSync|execFile|execFileSync|spawn|spawnSync|child_process)\s*\(|\beval\s*\(|\bnew\s+Function\s*\(/;
shell package/src/server-inspector.ts :15 import { type ChildProcess, spawn } from 'child_process';

net package/dist/rule-runner.js :76 // fetch(target); → tainted var reaches sink
net package/dist/rules/checks/mcp12-resource-exhaustion.js :31 findings.push(finding('mcp-resource-exhaustion', 'warning', 'fetch() without AbortController or timeout — can block MCP server indefinitely', filePath, startLine, 'Use AbortController with setTimeout:
net package/src/rule-runner.ts :83 // fetch(target); → tainted var reaches sink
net package/src/rules/checks/mcp12-resource-exhaustion.ts :61 'fetch() without AbortController or timeout — can block MCP server indefinitely',