@azure/mcp
v2.0.0-beta.21Azure MCP Server - Model Context Protocol implementation for Azure
6
Total
4
Critical
2
High
0
Medium
Findings
unknownEnvironment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
5:
6: // Check if DEBUG environment variable is set
>>> 7: const isDebugMode = process.env.DEBUG && (
8: process.env.DEBUG.toLowerCase() === 'true' ||
9: process.env.DEBUG.includes('mcp') ||Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
6: // Check if DEBUG environment variable is set
7: const isDebugMode = process.env.DEBUG && (
>>> 8: process.env.DEBUG.toLowerCase() === 'true' ||
9: process.env.DEBUG.includes('mcp') ||
10: process.env.DEBUG === '*'Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
7: const isDebugMode = process.env.DEBUG && (
8: process.env.DEBUG.toLowerCase() === 'true' ||
>>> 9: process.env.DEBUG.includes('mcp') ||
10: process.env.DEBUG === '*'
11: )Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
8: process.env.DEBUG.toLowerCase() === 'true' ||
9: process.env.DEBUG.includes('mcp') ||
>>> 10: process.env.DEBUG === '*'
11: )
12: Node.js child process spawning
Detected by automated pattern matching (rule SC-005) with medium confidence. May be a false positive.
41: // Try to automatically install the missing platform package
42: try {
>>> 43: const { execSync } = require('child_process')
44:
45: console.error(`Installing missing platform package: ${platformPackageName}`)Decoded base64 content: r���'+�� ��������
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positiveScan History
| Date | Risk | Findings | Files | Duration |
|---|---|---|---|---|
| Feb 23, 2026 | critical | 6 | 6 | 0.00s |
| Feb 22, 2026 | critical | 6 | 6 | 0.00s |