Security context

What an agent needs to avoid regressing past fixes and find the next vuln in this repo.

makenotion/notion-mcp-server
main @ d7e3bbd
1
Fixes
0
CVEs
MEDIUM
Peak severity
Highlights
Information Disclosure: 1 prior fix. Scrutinize any change in this area.
scripts/start-server.ts: most-fixed (1 issue). Treat as high-risk during review.
0 high-severity fixes in this history; regressions here are high-impact.
Recurring patterns

The bug types that recur here, drawn from past fixes, not open vulnerabilities.

Information Disclosure: Sensitive bearer tokens and API credentials can be inadvertently exposed through unscrubbed console logging (console.log and console.error) of raw request/response objects or error traces within the proxy and HTTP client components. Developers should sanitize all logged inputs and ensure that tokens are stored in restricted-permission files rather than written to stdout.