/ 100

8 days ago

glama

JS Reverse MCP

An MCP server for JavaScript reverse engineering that enables AI to perform browser debugging, script analysis, and automated hook injection. It streamlines complex workflows like deobfuscation, network tracing, and risk assessment through direct browser integration.

→ NoOne-hub/JSReverser-MCP · listed on glama

Is this your MCP?

Claim it to get a verified publisher badge, a free copy of our full audit findings, and direct contact for any high-priority issues we find.

Install from

Glama

M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.

// key findings

⚠️

Known vulnerabilities in dependencies: 11 high

Affects packages this MCP installs at runtime. Upgrade or remove the affected dependency.

✅

No credential exfiltration, no sensitive file access, no obfuscation

Static analysis found nothing flowing your secrets to unexpected places.

✅

Open source with a license and README

Anyone can audit the code, the license is declared, and the publisher documents what it does.

🔐

You'll be asked for 4 credentials: ANTHROPIC_API_KEY, GEMINI_API_KEY, OPENAI_API_KEY, SESSION_STATE_ENCRYPTION_KEY

These are read from process.env at runtime. Make sure you trust where they’ll be sent.

// required environment variables

This server reads these from process.env. You'll be asked to provide them before it can run.

🔐 secretANTHROPIC_API_KEY— "your_key"

configANTHROPIC_BASE_URL

configANTHROPIC_MODEL— "claude-3-5-sonnet-20241022"

configBROWSER_CHANNEL

configBROWSER_EXECUTABLE_PATH

configBROWSER_HEADLESS

configBROWSER_ISOLATED

configDEFAULT_LLM_PROVIDER— "anthropic"

🔐 secretGEMINI_API_KEY— gemini 支持两种模式：有时走 API；没有时会尝试走 GEMINI_CLI_PATH

configGEMINI_CLI_PATH— gemini-cli

configGEMINI_MODEL— gemini-2.0-flash-exp

configJSREVERSER_ARTIFACTS_DIR

configLOG_LEVEL

🔐 secretOPENAI_API_KEY

configOPENAI_BASE_URL

configOPENAI_MODEL

configREMOTE_DEBUGGING_PORT

configREMOTE_DEBUGGING_URL

configRUN_E2E_TESTS

configRUN_GEMINI_CLI_TESTS

configRUN_PERF_TESTS

configSESSION_STATE_CLEANUP_INTERVAL_MS

🔐 secretSESSION_STATE_ENCRYPTION_KEY

configSESSION_STATE_TTL_MS

configUSE_STEALTH_SCRIPTS

configXDG_STATE_HOME

// full audit trail

The full breakdown of what we checked, the deductions that landed, the network hosts, the dependency advisories, and concrete fix guidance is available to verified publishers.

// improvement guidance — verified publishers only

We have 3 concrete improvements we can share with the publisher of this MCP. Each comes with specific guidance to raise the trust score.

// embed badge in your README

[![M8ven Score](https://m8ven.ai/badge/mcp/noone-hub-jsreverser-mcp-t9w4cf)](https://m8ven.ai/mcp/noone-hub-jsreverser-mcp-t9w4cf)

commit: 65e2e3cb70c10a79dfd1ba4410a2c876113e676c

code hash: 889d5353a61bdb6d9c1f546d5e2506ece9881bc87f929112d832574f32099e02

verified: 6/13/2026, 10:31:38 AM

view raw JSON →