Grade: Clean
Outbound network: 12 findings
Environment variables (config / keys): 39 findings
Shell / command execution: 23 findings
AI review
This is a legitimate GitLab MCP server extension. All environment variable accesses are standard configuration (API URL, tokens, workspace root) and network calls are to GitLab's API. The static findings reflect normal patterns for a GitLab integration tool, not malicious behavior.
Model: deepseek-chat
Static findings
Outbound network · Makes outbound network requests
[info]  .github/agents/python-reviewer.agent.md:81   - **HIGH:** Do not mix `asyncio` and blocking I/O in the same event loop. Blocking calls (`time.sleep`, `open` in sync mode, `requests.get`) block the entire event loop.
[low]   oauth.ts:85   const req = http.request(options, res => {
[low]   test-note.ts:24   const response = await fetch(url.toString(), {
[low]   test-resolve-issue-note.ts:28   const response = await fetch(url.toString(), {
[info]  test/dynamic-api-url-test.ts:319   const response = await fetch(metricsUrl);
[info]  test/mcp-oauth-tests.ts:287   const res = await fetch(mcpUrl, {
[info]  test/remote-auth-simple-test.ts:38   const response = await fetch(metricsUrl);
[info]  test/remote-auth-tests.ts:70   const response = await fetch(url, {
[info]  test/stateless/session-id-integration.test.ts:115   const res = await fetch(url, {
[info]  test/test-remote-downloads.ts:410   const downloadRes = await fetch(parsed.download_url);
[info]  test/test-token-optimizations.ts:68   const response = await fetch(url, {
[info]  test/validate-api.js:63   const response = await fetch(test.url, {
Environment variables (config / keys) · Reads environment variables (config / API keys)
[low]   config.ts:25   return cliArgs[cliKey] || process.env[envKey] || defaultValue;
[low]   customSchemas.ts:2   const DEFAULT_NULL = process.env.DEFAULT_NULL === "true";
[low]   index.ts:58   const secret = process.env.DOWNLOAD_TOKEN_SECRET;
[low]   mcp-server/src/utils.ts:8   return path.resolve(process.env.WORKSPACE_ROOT || process.cwd());
[low]   oauth.ts:14   level: process.env.LOG_LEVEL || "info",
[low]   stateless/secret.ts:62   env: NodeJS.ProcessEnv = process.env
[low]   test-cli.js:34   return cliArgs[cliKey] || process.env[envKey] || defaultValue;
[low]   test-note.ts:10   const GITLAB_API_URL = process.env.GITLAB_API_URL || "https://gitlab.com";
[low]   test-resolve-issue-note.ts:10   const GITLAB_API_URL = process.env.GITLAB_API_URL || "https://gitlab.com";
[info]  test/clients/stdio-client.ts:33   // Copy process.env, filtering out undefined values
[info]  test/config-allowed-groups.test.ts:11   * config.ts reads process.env at module load, so each scenario runs in a
[info]  test/dynamic-routing-tests.ts:18   const originalToken = process.env.GITLAB_TOKEN_TEST;
(27 more findings in this category not shown)
Shell / command execution · Executes shell / system commands
[info]  test/config-allowed-groups.test.ts:16   import { execFileSync } from "node:child_process";
[info]  test/stateless/config-ttl.test.ts:22   import { execFileSync } from "node:child_process";
[info]  test/streamable-http-static-token-auth.test.ts:2   import { spawn } from "node:child_process";
[info]  test/test-ci-lint.ts:3   import { spawn } from "child_process";
[info]  test/test-ci-variables.ts:3   import { spawn } from "child_process";
[info]  test/test-dependency-proxy.ts:3   import { spawn } from "child_process";
[info]  test/test-deployment-tools.ts:3   import { spawn } from "child_process";
[info]  test/test-download-attachment.ts:3   import { spawn } from 'node:child_process';
[info]  test/test-get-file-blame.ts:3   import { spawn } from "child_process";
[info]  test/test-job-artifacts.ts:3   import { spawn } from 'child_process';
[info]  test/test-list-issues.ts:3   import { spawn } from "child_process";
[info]  test/test-list-merge-requests.ts:3   import { spawn } from 'child_process';
(11 more findings in this category not shown)
MCPVet is a heuristic aid, not a security guarantee. A clean grade does not prove an extension is safe; always review code and instructions you don't trust.