Back to Dashboard
100
cloudflare-agent-starter058 files scannedMay 7, 2026

High risk — review carefully before installing

This package can run commands on your computer AND reads your secret tokens. That combination means it could potentially steal your credentials. Only install this if you trust the author and understand why it needs these permissions.

What We Found(10 issues)

Each card explains what was found and what it means in plain English. Click "Technical details" for the full breakdown.

HIGHHIGH-003

Caution. This package runs system commands on your computer. This is like giving someone the keys to your terminal. They could run anything — download files, change settings, or access your private data.

Technical details

Direct process execution functions (exec, spawn) can run arbitrary commands. Combined with user input, this enables remote code execution.

exec(
worker-configuration.d.ts:2271
HIGHHIGH-003

Caution. This package runs system commands on your computer. This is like giving someone the keys to your terminal. They could run anything — download files, change settings, or access your private data.

Technical details

Direct process execution functions (exec, spawn) can run arbitrary commands. Combined with user input, this enables remote code execution.

exec(
worker-configuration.d.ts:6284
HIGHHIGH-005

Caution. This package reads your secret passwords and API tokens from your system. If it also has network access, your credentials could be sent to someone else's server. Check WHY it needs your secrets.

Technical details

Reading sensitive environment variables (tokens, secrets, keys, passwords) suggests data exfiltration. MCP servers should declare required env vars, not silently read secrets.

process.env.OPENAI_API_KEY
src/server.ts:127
HIGHHIGH-005

Caution. This package reads your secret passwords and API tokens from your system. If it also has network access, your credentials could be sent to someone else's server. Check WHY it needs your secrets.

Technical details

Reading sensitive environment variables (tokens, secrets, keys, passwords) suggests data exfiltration. MCP servers should declare required env vars, not silently read secrets.

process.env.OPENAI_API_KEY
src/server.ts:132
HIGHHIGH-005

Caution. This package reads your secret passwords and API tokens from your system. If it also has network access, your credentials could be sent to someone else's server. Check WHY it needs your secrets.

Technical details

Reading sensitive environment variables (tokens, secrets, keys, passwords) suggests data exfiltration. MCP servers should declare required env vars, not silently read secrets.

process.env.TWITTER_API_KEY
src/twitter-api.ts:58
HIGHHIGH-005

Caution. This package reads your secret passwords and API tokens from your system. If it also has network access, your credentials could be sent to someone else's server. Check WHY it needs your secrets.

Technical details

Reading sensitive environment variables (tokens, secrets, keys, passwords) suggests data exfiltration. MCP servers should declare required env vars, not silently read secrets.

process.env.TWITTER_API_KEY_SECRET
src/twitter-api.ts:59
HIGHHIGH-005

Caution. This package reads your secret passwords and API tokens from your system. If it also has network access, your credentials could be sent to someone else's server. Check WHY it needs your secrets.

Technical details

Reading sensitive environment variables (tokens, secrets, keys, passwords) suggests data exfiltration. MCP servers should declare required env vars, not silently read secrets.

process.env.TWITTER_ACCESS_TOKEN
src/twitter-api.ts:60
HIGHHIGH-005

Caution. This package reads your secret passwords and API tokens from your system. If it also has network access, your credentials could be sent to someone else's server. Check WHY it needs your secrets.

Technical details

Reading sensitive environment variables (tokens, secrets, keys, passwords) suggests data exfiltration. MCP servers should declare required env vars, not silently read secrets.

process.env.TWITTER_ACCESS_TOKEN_SECRET
src/twitter-api.ts:61
HIGHHIGH-005

Caution. This package reads your secret passwords and API tokens from your system. If it also has network access, your credentials could be sent to someone else's server. Check WHY it needs your secrets.

Technical details

Reading sensitive environment variables (tokens, secrets, keys, passwords) suggests data exfiltration. MCP servers should declare required env vars, not silently read secrets.

process.env.TWITTER_BEARER_TOKEN
src/twitter-api.ts:133
MEDIUMMED-001

Suspicious. This package contains hidden encoded text — like a secret message that gets decoded when the code runs. Legitimate packages don't usually hide their code this way. It could be a disguised payload.

Technical details

Long Base64-encoded strings (>128 chars) may contain obfuscated payloads. Legitimate code rarely embeds large encoded blobs inline.

"acf77cf37b4156a2708e34c4eb755f9b5dbbe5ebb55adfec8f11493438d19e6ad3f157f81fa3b98278453d5652b0c1fd1d71e5695ae4d709803a4d3f39de9dea"
worker-configuration.d.ts:6175

Finding Summary

0

Critical

9

High

1

Medium

0

Low

0

Info