Back to plugin
Pluginv1.1.0
Static analysis security
GLM Search & Tools · Deterministic local checks for risky code patterns and metadata mismatches.
Scanner verdict
SuspiciousApr 16, 2026, 1:47 PM
- Summary
- Detected: suspicious.env_credential_access
- Reason codes
- suspicious.env_credential_access
- Engine
- v2.4.0
Evidence
criticalsrc/glm-mcp-tools.ts:30
Environment variable access combined with network send.
const val = process.env[v];