@transloadit/mcp-server

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    101:         const endpoint = (config.endpoint ?? fileConfig.endpoint ?? process.env.TRANSLOADIT_ENDPOINT);
    102:         const mcpToken = (fileConfig.mcpToken ?? process.env.TRANSLOADIT_MCP_TOKEN);
>>> 103:         const clientSuffix = process.env.TRANSLOADIT_CLIENT_SUFFIX;
    104:         if (!isLocalHost(host) && !mcpToken) {
    105:             throw new Error('TRANSLOADIT_MCP_TOKEN is required when binding to non-localhost host.');

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    91:         const port = Number(config.port ?? fileConfig.port ?? 5723);
    92:         const path = fileConfig.path ?? '/mcp';
>>> 93:         const metricsPath = fileConfig.metricsPath ?? process.env.TRANSLOADIT_MCP_METRICS_PATH;
    94:         const metricsAuthConfig = fileConfig.metricsAuth;
    95:         const metricsUser = (fileConfig.metricsUser ??

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    95:         const metricsUser = (fileConfig.metricsUser ??
    96:             metricsAuthConfig?.username ??
>>> 97:             process.env.TRANSLOADIT_MCP_METRICS_USER);
    98:         const metricsPassword = (fileConfig.metricsPassword ??
    99:             metricsAuthConfig?.password ??

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    98:         const metricsPassword = (fileConfig.metricsPassword ??
    99:             metricsAuthConfig?.password ??
>>> 100:             process.env.TRANSLOADIT_MCP_METRICS_PASSWORD);
    101:         const endpoint = (config.endpoint ?? fileConfig.endpoint ?? process.env.TRANSLOADIT_ENDPOINT);
    102:         const mcpToken = (fileConfig.mcpToken ?? process.env.TRANSLOADIT_MCP_TOKEN);

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    99:             metricsAuthConfig?.password ??
    100:             process.env.TRANSLOADIT_MCP_METRICS_PASSWORD);
>>> 101:         const endpoint = (config.endpoint ?? fileConfig.endpoint ?? process.env.TRANSLOADIT_ENDPOINT);
    102:         const mcpToken = (fileConfig.mcpToken ?? process.env.TRANSLOADIT_MCP_TOKEN);
    103:         const clientSuffix = process.env.TRANSLOADIT_CLIENT_SUFFIX;

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    100:             process.env.TRANSLOADIT_MCP_METRICS_PASSWORD);
    101:         const endpoint = (config.endpoint ?? fileConfig.endpoint ?? process.env.TRANSLOADIT_ENDPOINT);
>>> 102:         const mcpToken = (fileConfig.mcpToken ?? process.env.TRANSLOADIT_MCP_TOKEN);
    103:         const clientSuffix = process.env.TRANSLOADIT_CLIENT_SUFFIX;
    104:         if (!isLocalHost(host) && !mcpToken) {

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    106:         }
    107:         const handler = await createTransloaditMcpHttpHandler({
>>> 108:             authKey: (fileConfig.authKey ?? process.env.TRANSLOADIT_KEY),
    109:             authSecret: (fileConfig.authSecret ?? process.env.TRANSLOADIT_SECRET),
    110:             endpoint,

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    107:         const handler = await createTransloaditMcpHttpHandler({
    108:             authKey: (fileConfig.authKey ?? process.env.TRANSLOADIT_KEY),
>>> 109:             authSecret: (fileConfig.authSecret ?? process.env.TRANSLOADIT_SECRET),
    110:             endpoint,
    111:             clientSuffix,

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    135:     }
    136:     const server = createTransloaditMcpServer({
>>> 137:         authKey: process.env.TRANSLOADIT_KEY,
    138:         authSecret: process.env.TRANSLOADIT_SECRET,
    139:         endpoint: process.env.TRANSLOADIT_ENDPOINT,

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    136:     const server = createTransloaditMcpServer({
    137:         authKey: process.env.TRANSLOADIT_KEY,
>>> 138:         authSecret: process.env.TRANSLOADIT_SECRET,
    139:         endpoint: process.env.TRANSLOADIT_ENDPOINT,
    140:         clientSuffix: process.env.TRANSLOADIT_CLIENT_SUFFIX,

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    137:         authKey: process.env.TRANSLOADIT_KEY,
    138:         authSecret: process.env.TRANSLOADIT_SECRET,
>>> 139:         endpoint: process.env.TRANSLOADIT_ENDPOINT,
    140:         clientSuffix: process.env.TRANSLOADIT_CLIENT_SUFFIX,
    141:     });

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    138:         authSecret: process.env.TRANSLOADIT_SECRET,
    139:         endpoint: process.env.TRANSLOADIT_ENDPOINT,
>>> 140:         clientSuffix: process.env.TRANSLOADIT_CLIENT_SUFFIX,
    141:     });
    142:     const transport = new StdioServerTransport();

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    146:     const logger = getLogger().nest('cli');
    147:     const redact = buildRedactor([
>>> 148:         process.env.TRANSLOADIT_KEY,
    149:         process.env.TRANSLOADIT_SECRET,
    150:         process.env.TRANSLOADIT_MCP_TOKEN,

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    147:     const redact = buildRedactor([
    148:         process.env.TRANSLOADIT_KEY,
>>> 149:         process.env.TRANSLOADIT_SECRET,
    150:         process.env.TRANSLOADIT_MCP_TOKEN,
    151:     ]);

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    148:         process.env.TRANSLOADIT_KEY,
    149:         process.env.TRANSLOADIT_SECRET,
>>> 150:         process.env.TRANSLOADIT_MCP_TOKEN,
    151:     ]);
    152:     logger.err('MCP server failed: %s', redact(err));

Decoded base64 content: zv������wb��ל�*'

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: J�b�'���ӭ�즊�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: J�b�'���ӭ�즊�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: zv������wb��ל�*'

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

High-entropy string (4.8 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.