ICU
critical

@elixium.ai/mcp-server

v0.2.2

MCP Server for Elixium.ai

npm | elixium | First seen Feb 22, 2026

Total: 27 | Critical: 13 | High: 10 | Medium: 4

Findings

unknown
critical | DE-002 | Data Exfiltration | High Confidence | Line 0

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    40: const USE_SSE = hasArg("--sse") || process.env.ELIXIUM_MCP_TRANSPORT === "sse";
    41: const SSE_PORT = resolvePort(getArgValue("--port") ?? process.env.ELIXIUM_MCP_PORT ?? null, 7357);
>>> 42: const SSE_HOST = getArgValue("--host") ?? process.env.ELIXIUM_MCP_HOST ?? "127.0.0.1";
    43: const SSE_PATH = ensurePath(getArgValue("--sse-path") ?? process.env.ELIXIUM_MCP_SSE_PATH ?? "/sse", "/sse");
    44: const MESSAGE_PATH = ensurePath(getArgValue("--message-path") ??

critical | DE-002 | Data Exfiltration | High Confidence | Line 0

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    39: };
    40: const USE_SSE = hasArg("--sse") || process.env.ELIXIUM_MCP_TRANSPORT === "sse";
>>> 41: const SSE_PORT = resolvePort(getArgValue("--port") ?? process.env.ELIXIUM_MCP_PORT ?? null, 7357);
    42: const SSE_HOST = getArgValue("--host") ?? process.env.ELIXIUM_MCP_HOST ?? "127.0.0.1";
    43: const SSE_PATH = ensurePath(getArgValue("--sse-path") ?? process.env.ELIXIUM_MCP_SSE_PATH ?? "/sse", "/sse");

critical | DE-002 | Data Exfiltration | High Confidence | Line 0

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    2: const API_KEY = process.env.ELIXIUM_API_KEY;
    3: const API_URL = process.env.ELIXIUM_API_URL || "https://elixium.ai/api";
>>> 4: const BOARD_SLUG = process.env.ELIXIUM_BOARD_SLUG;
    5: const client = axios.create({
    6:     baseURL: API_URL,

critical | DE-002 | Data Exfiltration | High Confidence | Line 0

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    1: import axios from "axios";
    2: const API_KEY = process.env.ELIXIUM_API_KEY;
>>> 3: const API_URL = process.env.ELIXIUM_API_URL || "https://elixium.ai/api";
    4: const BOARD_SLUG = process.env.ELIXIUM_BOARD_SLUG;
    5: const client = axios.create({

critical | DE-002 | Data Exfiltration | High Confidence | Line 0

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    1: import axios from "axios";
>>> 2: const API_KEY = process.env.ELIXIUM_API_KEY;
    3: const API_URL = process.env.ELIXIUM_API_URL || "https://elixium.ai/api";
    4: const BOARD_SLUG = process.env.ELIXIUM_BOARD_SLUG;

critical | DE-002 | Data Exfiltration | High Confidence | Line 0

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    6: import axios from "axios";
    7: import * as http from "node:http";
>>> 8: const API_KEY = process.env.ELIXIUM_API_KEY;
    9: const API_URL = process.env.ELIXIUM_API_URL || "https://elixium.ai/api";
    10: const BOARD_SLUG = process.env.ELIXIUM_BOARD_SLUG;

critical | DE-002 | Data Exfiltration | High Confidence | Line 0

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    7: import * as http from "node:http";
    8: const API_KEY = process.env.ELIXIUM_API_KEY;
>>> 9: const API_URL = process.env.ELIXIUM_API_URL || "https://elixium.ai/api";
    10: const BOARD_SLUG = process.env.ELIXIUM_BOARD_SLUG;
    11: const LANE_STYLE_ENV = process.env.ELIXIUM_LANE_STYLE;

critical | DE-002 | Data Exfiltration | High Confidence | Line 0

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    8: const API_KEY = process.env.ELIXIUM_API_KEY;
    9: const API_URL = process.env.ELIXIUM_API_URL || "https://elixium.ai/api";
>>> 10: const BOARD_SLUG = process.env.ELIXIUM_BOARD_SLUG;
    11: const LANE_STYLE_ENV = process.env.ELIXIUM_LANE_STYLE;
    12: const USER_EMAIL = process.env.ELIXIUM_USER_EMAIL; // Optional: Override requester email for stories

critical | DE-002 | Data Exfiltration | High Confidence | Line 0

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    9: const API_URL = process.env.ELIXIUM_API_URL || "https://elixium.ai/api";
    10: const BOARD_SLUG = process.env.ELIXIUM_BOARD_SLUG;
>>> 11: const LANE_STYLE_ENV = process.env.ELIXIUM_LANE_STYLE;
    12: const USER_EMAIL = process.env.ELIXIUM_USER_EMAIL; // Optional: Override requester email for stories
    13: // UUID v4 format validation — prevents 500s from partial/truncated IDs

critical | DE-002 | Data Exfiltration | High Confidence | Line 0

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    10: const BOARD_SLUG = process.env.ELIXIUM_BOARD_SLUG;
    11: const LANE_STYLE_ENV = process.env.ELIXIUM_LANE_STYLE;
>>> 12: const USER_EMAIL = process.env.ELIXIUM_USER_EMAIL; // Optional: Override requester email for stories
    13: // UUID v4 format validation — prevents 500s from partial/truncated IDs
    14: const UUID_RE = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;

critical | DE-002 | Data Exfiltration | High Confidence | Line 0

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    38:     return Number.isFinite(parsed) ? parsed : fallback;
    39: };
>>> 40: const USE_SSE = hasArg("--sse") || process.env.ELIXIUM_MCP_TRANSPORT === "sse";
    41: const SSE_PORT = resolvePort(getArgValue("--port") ?? process.env.ELIXIUM_MCP_PORT ?? null, 7357);
    42: const SSE_HOST = getArgValue("--host") ?? process.env.ELIXIUM_MCP_HOST ?? "127.0.0.1";

critical | DE-002 | Data Exfiltration | High Confidence | Line 0

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    43: const SSE_PATH = ensurePath(getArgValue("--sse-path") ?? process.env.ELIXIUM_MCP_SSE_PATH ?? "/sse", "/sse");
    44: const MESSAGE_PATH = ensurePath(getArgValue("--message-path") ??
>>> 45:     process.env.ELIXIUM_MCP_MESSAGE_PATH ??
    46:     "/message", "/message");
    47: import * as fs from "fs";

critical | DE-002 | Data Exfiltration | High Confidence | Line 0

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    41: const SSE_PORT = resolvePort(getArgValue("--port") ?? process.env.ELIXIUM_MCP_PORT ?? null, 7357);
    42: const SSE_HOST = getArgValue("--host") ?? process.env.ELIXIUM_MCP_HOST ?? "127.0.0.1";
>>> 43: const SSE_PATH = ensurePath(getArgValue("--sse-path") ?? process.env.ELIXIUM_MCP_SSE_PATH ?? "/sse", "/sse");
    44: const MESSAGE_PATH = ensurePath(getArgValue("--message-path") ??
    45:     process.env.ELIXIUM_MCP_MESSAGE_PATH ??

high | DO-BAS | unknown | Medium Confidence | Line 0

Decoded base64 content: [non-printable binary data]

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

high | DO-BAS | unknown | Medium Confidence | Line 0

Decoded base64 content: [non-printable binary data]

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

high | DO-BAS | unknown | Medium Confidence | Line 0

Decoded base64 content: [non-printable binary data]

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

high | DO-BAS | unknown | Medium Confidence | Line 0

Decoded base64 content: [non-printable binary data]

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

high | DO-BAS | unknown | Medium Confidence | Line 0

Decoded base64 content: [non-printable binary data]

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

high | DO-BAS | unknown | Medium Confidence | Line 0

Decoded base64 content: [non-printable binary data]

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

high | DO-BAS | unknown | Medium Confidence | Line 0

Decoded base64 content: [non-printable binary data]

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

high | DO-BAS | unknown | Medium Confidence | Line 0

Decoded base64 content: [non-printable binary data]

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

high | DO-BAS | unknown | Medium Confidence | Line 0

Decoded base64 content: [non-printable binary data]

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

high | DO-BAS | unknown | Medium Confidence | Line 0

Decoded base64 content: [non-printable binary data]

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

medium | EN-001 | unknown | Medium Confidence | Line 0

High-entropy string (4.9 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

medium | EN-001 | unknown | Medium Confidence | Line 0

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

medium | EN-001 | unknown | Medium Confidence | Line 0

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

medium | EN-001 | unknown | Medium Confidence | Line 0

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.


Scan History

Date | Risk | Findings
Feb 25, 2026 | critical | 27
Feb 23, 2026 | critical | 27
Feb 22, 2026 | critical | 27