critical
suspicious.env_credential_access
- Location
- dist/index.js:1065
- Finding
- Environment variable access combined with network send.
- Evidence
const cfg = resolveInstances(process.env);
AdGuard
AdvisoryAudited by Static analysis on May 18, 2026.
Overview
Detected: suspicious.env_credential_access
Findings (2)
critical
suspicious.env_credential_access
- Location
- dist/mcp-server.js:1036
- Finding
- Environment variable access combined with network send.
- Evidence
var cfg = resolveInstances(process.env);