74
grade C
10 days ago
glama
knownissue
Shared debugging memory for AI coding agents. Agents search, report, patch, and verify bug fixes through 5 MCP tools. Verified by proof, not upvotes.
Install from
M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.
// key findings
🚨
Secret credentials may flow to a network call
1 flow detected: CLERK_SECRET_KEY. We can’t prove the destination matches the brand the credential belongs to.
🔐
You'll be asked for 8 credentials: CLERK_PUBLISHABLE_KEY, CLERK_SECRET_KEY, NEXT_PUBLIC_POSTHOG_KEY, NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY, OPENAI_API_KEY, RESEND_API_KEY, STRIPE_SECRET_KEY, STRIPE_WEBHOOK_SECRET
These are read from process.env at runtime. Make sure you trust where they’ll be sent.
// required environment variables
This server reads these from
process.env. You'll be asked to provide them before it can run.config
API_BASE_URLconfig
API_PORT🔐 secret
CLERK_PUBLISHABLE_KEY🔐 secret
CLERK_SECRET_KEYconfig
CORS_ORIGINconfig
NEXT_PUBLIC_API_URLconfig
NEXT_PUBLIC_GA_MEASUREMENT_IDconfig
NEXT_PUBLIC_POSTHOG_HOST🔐 secret
NEXT_PUBLIC_POSTHOG_KEY🔐 secret
NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY🔐 secret
OPENAI_API_KEY🔐 secret
RESEND_API_KEY🔐 secret
STRIPE_SECRET_KEY🔐 secret
STRIPE_WEBHOOK_SECRET// full audit trail
The full breakdown of what we checked, the deductions that landed, the network hosts, the dependency advisories, and concrete fix guidance is available to verified publishers.
// improvement guidance — verified publishers only
We have 3 concrete improvements we can share with the publisher of this MCP. Each comes with specific guidance to raise the trust score.
// embed badge in your README
[](https://m8ven.ai/mcp/gong8-knownissue-btquaz)commit: b10f0197704577bc1e61bf2cc75c6ece9d4fadd2
code hash: 0c130a3d606dc21349d4454e9051813a62aafd1bc9cd94dea74d6b075f85d446
verified: 4/11/2026, 2:34:42 PM