ICU
critical

storybook-mcp-server

v0.1.3

MCP server for Storybook - provides AI assistants access to components, stories, properties and screenshots

npm | stefano.amorelli | First seen Feb 22, 2026

Total: 21
Critical: 6
High: 15
Medium: 0

Findings

unknown
critical | DE-002 | Data Exfiltration | High Confidence | Line 0

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    14:             type: 'string',
    15:             describe: 'URL of the Storybook instance',
>>> 16:             default: process.env.STORYBOOK_URL || 'http://localhost:6006',
    17:             alias: 'url',
    18:         },
critical | DE-002 | Data Exfiltration | High Confidence | Line 0

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    20:             type: 'string',
    21:             describe: 'Directory to save screenshots',
>>> 22:             default: process.env.SCREENSHOT_OUTPUT_DIR || './screenshots',
    23:             alias: 'output',
    24:         },
critical | DE-002 | Data Exfiltration | High Confidence | Line 0

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    27:             describe: 'Logging level',
    28:             choices: ['error', 'warn', 'info', 'debug'],
>>> 29:             default: process.env.LOG_LEVEL || 'info',
    30:         },
    31:     })
critical | DE-002 | Data Exfiltration | High Confidence | Line 0

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    7: const winston_1 = __importDefault(require("winston"));
    8: const path_1 = __importDefault(require("path"));
>>> 9: const logLevel = process.env.LOG_LEVEL || 'info';
    10: const isMCPMode = !process.env.NODE_ENV || process.env.NODE_ENV === 'production' || process.env.MCP_MODE === 'true';
    11: exports.logger = winston_1.default.createLogger({
critical | DE-002 | Data Exfiltration | High Confidence | Line 0

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    8: const path_1 = __importDefault(require("path"));
    9: const logLevel = process.env.LOG_LEVEL || 'info';
>>> 10: const isMCPMode = !process.env.NODE_ENV || process.env.NODE_ENV === 'production' || process.env.MCP_MODE === 'true';
    11: exports.logger = winston_1.default.createLogger({
    12:     level: logLevel,
critical | DE-002 | Data Exfiltration | High Confidence | Line 0

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    28: });
    29: // Only add console output for development/testing, never for MCP mode
>>> 30: if (!isMCPMode && process.env.NODE_ENV === 'development') {
    31:     exports.logger.add(new winston_1.default.transports.Console({
    32:         format: winston_1.default.format.combine(winston_1.default.format.colorize(), winston_1.default.format.simple()),
high | SC-005 | Suspicious Commands | Medium Confidence | Line 0

Node.js child process spawning

Detected by automated pattern matching (rule SC-005) with medium confidence. May be a false positive.

>>> 1: import { ChildProcess } from 'child_process';
    2: export interface StorybookConfig {
    3:     url: string;
high | DO-BAS | unknown | Medium Confidence | Line 0

Decoded base64 content: ��bu�^J�+ɺ(�J�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

high | DO-BAS | unknown | Medium Confidence | Line 0

Decoded base64 content: ~)�F��x���n�$

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

high | DO-BAS | unknown | Medium Confidence | Line 0

Decoded base64 content: u�^r��rF�xƧj�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

high | SC-005 | Suspicious Commands | Medium Confidence | Line 0

Node.js child process spawning

Detected by automated pattern matching (rule SC-005) with medium confidence. May be a false positive.

    7: const fs_1 = require("fs");
    8: const path_1 = __importDefault(require("path"));
>>> 9: const child_process_1 = require("child_process");
    10: const axios_1 = __importDefault(require("axios"));
    11: const logger_1 = require("./logger");
high | SC-005 | Suspicious Commands | Medium Confidence | Line 0

Node.js child process spawning

Detected by automated pattern matching (rule SC-005) with medium confidence. May be a false positive.

    93:             // Launch Storybook
    94:             logger_1.logger.info(`Launching Storybook from ${projectPath} using ${packageManager} run ${storybookScript}`);
>>> 95:             const process = (0, child_process_1.spawn)(packageManager, ['run', storybookScript], {
    96:                 cwd: projectPath,
    97:                 stdio: ['ignore', 'pipe', 'pipe'],
high | DO-BAS | unknown | Medium Confidence | Line 0

Decoded base64 content: ��bu�^J�+ɺ(�J�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

high | DO-BAS | unknown | Medium Confidence | Line 0

Decoded base64 content: ~)�F��x���n�$

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

high | DO-BAS | unknown | Medium Confidence | Line 0

Decoded base64 content: ��bu�^J�+ɺ(�J�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

high | DO-BAS | unknown | Medium Confidence | Line 0

Decoded base64 content: ~)�F��x���n�$

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

high | DO-BAS | unknown | Medium Confidence | Line 0

Decoded base64 content: ��bu�^J�+ɺ(�J�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

high | DO-BAS | unknown | Medium Confidence | Line 0

Decoded base64 content: u�^r��rF�xƧj�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

high | DO-BAS | unknown | Medium Confidence | Line 0

Decoded base64 content: ��bu�^J�+ɺ(�J�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

high | DO-BAS | unknown | Medium Confidence | Line 0

Decoded base64 content: u�^r��rF�xƧj�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

high | DO-BAS | unknown | Medium Confidence | Line 0

Decoded base64 content: ��bu�^J�+ɺ(�J�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.


Scan History

Date | Risk | Findings
Feb 27, 2026 | critical | 21
Feb 25, 2026 | critical | 21
Feb 23, 2026 | critical | 21
Feb 22, 2026 | critical | 21