critical
@vizejs/musea-mcp-server
v0.9.0MCP server for building Vue.js design systems - component analysis, documentation, variant generation, and design tokens
2
Total
2
Critical
0
High
0
Medium
Findings
unknowncriticalDE-002Data ExfiltrationHigh ConfidenceLine 0
Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
3:
4: //#region src/cli.ts
>>> 5: let projectRoot = process.env.MUSEA_PROJECT_ROOT || process.cwd();
6: let tokensPath = process.env.MUSEA_TOKENS_PATH;
7: const args = process.argv.slice(2);criticalDE-002Data ExfiltrationHigh ConfidenceLine 0
Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
4: //#region src/cli.ts
5: let projectRoot = process.env.MUSEA_PROJECT_ROOT || process.cwd();
>>> 6: let tokensPath = process.env.MUSEA_TOKENS_PATH;
7: const args = process.argv.slice(2);
8: for (let i = 0; i < args.length; i++) if (args[i] === "--tokens-path" && i + 1 < args.length) tokensPath = args[++i];Scan History
| Date | Risk | Findings | Files | Duration |
|---|---|---|---|---|
| Feb 25, 2026 | critical | 2 | 9 | 0.00s |
| Feb 24, 2026 | critical | 2 | 9 | 0.00s |