@notionhq/notion-mcp-server v2.2.0
Official MCP server for Notion API

Findings: 93 total (21 critical, 54 high, 18 medium)

[unknown] Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
198:
199: afterEach(() => {
>>> 200: process.env = originalEnv
201: })
202:

Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
202:
203: it('should parse valid JSON headers from env', () => {
>>> 204: process.env.OPENAPI_MCP_HEADERS = JSON.stringify({
205: Authorization: 'Bearer token123',
206: 'X-Custom-Header': 'test',

Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
220:
221: it('should return empty object when env var is not set', () => {
>>> 222: delete process.env.OPENAPI_MCP_HEADERS
223:
224: const proxy = new MCPProxy('test-proxy', mockOpenApiSpec)

Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
233: it('should return empty object and warn on invalid JSON', () => {
234: const consoleSpy = vi.spyOn(console, 'warn').mockImplementation(() => {})
>>> 235: process.env.OPENAPI_MCP_HEADERS = 'invalid json'
236:
237: const proxy = new MCPProxy('test-proxy', mockOpenApiSpec)

Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
248: it('should return empty object and warn on non-object JSON', () => {
249: const consoleSpy = vi.spyOn(console, 'warn').mockImplementation(() => {})
>>> 250: process.env.OPENAPI_MCP_HEADERS = '"string"'
251:
252: const proxy = new MCPProxy('test-proxy', mockOpenApiSpec)

Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
262:
263: it('should use NOTION_TOKEN when OPENAPI_MCP_HEADERS is not set', () => {
>>> 264: delete process.env.OPENAPI_MCP_HEADERS
265: process.env.NOTION_TOKEN = 'ntn_test_token_123'
266:

Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
263: it('should use NOTION_TOKEN when OPENAPI_MCP_HEADERS is not set', () => {
264: delete process.env.OPENAPI_MCP_HEADERS
>>> 265: process.env.NOTION_TOKEN = 'ntn_test_token_123'
266:
267: const proxy = new MCPProxy('test-proxy', mockOpenApiSpec)

Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
278:
279: it('should prioritize OPENAPI_MCP_HEADERS over NOTION_TOKEN when both are set', () => {
>>> 280: process.env.OPENAPI_MCP_HEADERS = JSON.stringify({
281: Authorization: 'Bearer custom_token',
282: 'Custom-Header': 'custom_value',

Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
282: 'Custom-Header': 'custom_value',
283: })
>>> 284: process.env.NOTION_TOKEN = 'ntn_test_token_123'
285:
286: const proxy = new MCPProxy('test-proxy', mockOpenApiSpec)

Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
311: it('should use NOTION_TOKEN when OPENAPI_MCP_HEADERS is empty object', () => {
312: process.env.OPENAPI_MCP_HEADERS = '{}'
>>> 313: process.env.NOTION_TOKEN = 'ntn_test_token_123'
314:
315: const proxy = new MCPProxy('test-proxy', mockOpenApiSpec)

Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
310:
311: it('should use NOTION_TOKEN when OPENAPI_MCP_HEADERS is empty object', () => {
>>> 312: process.env.OPENAPI_MCP_HEADERS = '{}'
313: process.env.NOTION_TOKEN = 'ntn_test_token_123'
314:

Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
298: it('should return empty object when neither OPENAPI_MCP_HEADERS nor NOTION_TOKEN are set', () => {
299: delete process.env.OPENAPI_MCP_HEADERS
>>> 300: delete process.env.NOTION_TOKEN
301:
302: const proxy = new MCPProxy('test-proxy', mockOpenApiSpec)

Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
297:
298: it('should return empty object when neither OPENAPI_MCP_HEADERS nor NOTION_TOKEN are set', () => {
>>> 299: delete process.env.OPENAPI_MCP_HEADERS
300: delete process.env.NOTION_TOKEN
301:

Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
14: const specPath = path.resolve(directory, '../scripts/notion-openapi.json')
15:
>>> 16: const baseUrl = process.env.BASE_URL ?? undefined
17:
18: // Parse command line arguments manually (similar to slack-mcp approach)

Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
85: let authToken: string | undefined
86: if (!options.disableAuth) {
>>> 87: authToken = options.authToken || process.env.AUTH_TOKEN || randomBytes(32).toString('hex')
88: if (!options.authToken && !process.env.AUTH_TOKEN) {
89: console.log(`Generated auth token: ${authToken}`)

Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
86: if (!options.disableAuth) {
87: authToken = options.authToken || process.env.AUTH_TOKEN || randomBytes(32).toString('hex')
>>> 88: if (!options.authToken && !process.env.AUTH_TOKEN) {
89: console.log(`Generated auth token: ${authToken}`)
90: console.log(`Use this token in the Authorization header: Bearer ${authToken}`)

Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
197:
198: // Alternative: try NOTION_TOKEN
>>> 199: const notionToken = process.env.NOTION_TOKEN
200: if (notionToken) {
201: return {

Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
179: private parseHeadersFromEnv(): Record<string, string> {
180: // First try OPENAPI_MCP_HEADERS (existing behavior)
>>> 181: const headersJson = process.env.OPENAPI_MCP_HEADERS
182: if (headersJson) {
183: try {

Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
179: if (error.response) {
180: // Only log errors in non-test environments to keep test output clean
>>> 181: if (process.env.NODE_ENV !== 'test') {
182: console.error('Error in http client', {
183: status: error.response.status,

Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
191:
192: describe('parseHeadersFromEnv', () => {
>>> 193: const originalEnv = process.env
194:
195: beforeEach(() => {

Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
194:
195: beforeEach(() => {
>>> 196: process.env = { ...originalEnv }
197: })
198:

Decoded base64 content: [non-printable bytes, not reproduced]
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code evaluation via eval()
Detected by automated pattern matching (rule SC-004) with medium confidence. May be a false positive.
461: // console.log(zodSchemaStr)
462: // // Execute the function with the zod instance
>>> 463: // const zodSchema = eval(zodSchemaStr) as z.ZodType
464:
465: return {

Decoded base64 content: [non-printable bytes, not reproduced]
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

High-entropy string (5.0 bits/char): possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.5 bits/char): possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.5 bits/char): possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char): possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char): possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.8 bits/char): possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char): possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char): possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.8 bits/char): possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char): possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char): possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char): possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.5 bits/char): possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char): possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

Possible Base64-encoded payload (long encoded string)
Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.
344: ```text
345: Generated auth token: a1b2c3d4e5f6789abcdef0123456789abcdef0123456789abcdef0123456789ab
>>> 346: Use this token in the Authorization header: Bearer a1b2c3d4e5f6789abcdef0123456789abcdef0123456789abcdef0123456789ab
347: ```
348:

Possible Base64-encoded payload (long encoded string)
Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.
343:
344: ```text
>>> 345: Generated auth token: a1b2c3d4e5f6789abcdef0123456789abcdef0123456789abcdef0123456789ab
346: Use this token in the Authorization header: Bearer a1b2c3d4e5f6789abcdef0123456789abcdef0123456789abcdef0123456789ab
347: ```

High-entropy string (4.5 bits/char): possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char): possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.