ICUICU
critical

backlog-mcp-server

v0.7.0

![MIT License](https://img.shields.io/badge/license-MIT-green.svg) ![Build](https://github.com/nulab/backlog-mcp-server/actions/workflows/ci.yml/badge.svg) ![Last Commit](https://img.shields.io/github/last-commit/nulab/backlog-mcp-server.svg)

npmnulabFirst seen Feb 22, 2026Source

4

Total

4

Critical

0

High

0

Medium

Findings

unknown
criticalDE-002Data ExfiltrationHigh ConfidenceLine 0

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    18:         }
    19:         // Priority:ENV → config → fallback
>>> 20:         const value = process.env[toEnvKey(upperKey)] || config[upperKey] || fallback;
    21:         usedKeys[upperKey] = value;
    22:         return value;
Report false positive
criticalDE-002Data ExfiltrationHigh ConfidenceLine 0

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    1: import pino from 'pino';
>>> 2: if (!process.env.NODE_ENV) {
    3:     process.env.NODE_ENV = 'production';
    4: }
Report false positive
criticalDE-002Data ExfiltrationHigh ConfidenceLine 0

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    1: import pino from 'pino';
    2: if (!process.env.NODE_ENV) {
>>> 3:     process.env.NODE_ENV = 'production';
    4: }
    5: const isProd = process.env.NODE_ENV === 'production';
Report false positive
criticalDE-002Data ExfiltrationHigh ConfidenceLine 0

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    3:     process.env.NODE_ENV = 'production';
    4: }
>>> 5: const isProd = process.env.NODE_ENV === 'production';
    6: export const logger = pino({
    7:     level: isProd ? 'error' : 'debug',
Report false positive

Scan History

DateRiskFindings
Feb 25, 2026critical4
Feb 23, 2026critical4
Feb 22, 2026critical4