This release fixes issues for SREs watching stability and regressions.

Published 23d MCP Security & Auth
✓ No known CVEs patched

Topics

ai automation browser-automation claude google llm
mcp model-context-protocol notebooklm research typescript

ReleasePort's take

Light signal
editorial:auto 13d

Entry‑point detection is now reliable for npm bin shim and npx invocations; a new NLMCP_DEBUG flag logs argv paths for diagnostics.

Why it matters: Patch to v2026.3.3 immediately if you use npm bin or npx, then enable NLMCP_DEBUG in dev to verify correct argv handling.

Summary

AI summary

Fixed silent failure when invoked via npm bin shim or npx by resolving argv[1] symlink before entry-point detection.

Changes in this release

Feature Medium

NLMCP_DEBUG environment variable logs argv paths for diagnostic debugging

Source: llm_adapter@2026-05-21

Confidence: low

Feature Low

NLMCP_DEBUG environment variable enables logging of argv[1] vs import.meta.url values

Source: granite4.1:30b@2026-05-24-audit

Confidence: low

Bugfix Medium

Entry-point detection fixed for npm bin shim and npx invocations

Source: llm_adapter@2026-05-21

Confidence: high

Full changelog

Bug Fix

Entry-point detection broken for bin shim and npx invocations (closes #11)

The isDirectRun guard compared import.meta.url against a raw pathToFileURL(process.argv[1]). When invoked via npm install -g bin shim or npx, argv[1] is a symlink — not the real module path — so the comparison always failed, main() never ran, and the server exited cleanly with no MCP transport registered. The failure was silent (clean exit 0, no error), making it hard to diagnose.

Fix

argv[1] is now resolved through realpathSync before the comparison, canonicalising any symlink before the equality check. The guard is wrapped in a try/catch that fails closed on any path resolution error.

Diagnostic

Set NLMCP_DEBUG=true to log the exact argv[1] vs import.meta.url values when the guard gates off main() — useful for diagnosing any future silent no-start.
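
The guard before and after the fix, as an added example that is not the project's own code. The functions take the module URL as a parameter so they can be run against a constructed bin-style symlink; the function names, the bin/nlmcp layout and the debug line format are assumptions.

```javascript
// Added example: names, paths and log format are constructed, not the project's code.
// Built-ins are loaded so the file runs as either CommonJS or ESM.
const load = (id) => (typeof require === "function" ? require(id) : process.getBuiltinModule(id));
const fs = load("node:fs"), os = load("node:os"), path = load("node:path");
const { pathToFileURL } = load("node:url");

// Pre-fix guard as described: raw argv[1] is compared, so a symlink never matches.
function naiveIsDirectRun(moduleUrl, argv1) {
  return moduleUrl === pathToFileURL(argv1).href;
}

// Post-fix guard: canonicalise argv[1] first, and fail closed if that is impossible.
function isDirectRun(moduleUrl, argv1, env = process.env) {
  try {
    const resolved = pathToFileURL(fs.realpathSync(argv1)).href;
    const direct = resolved === moduleUrl;
    if (!direct && env.NLMCP_DEBUG === "true") {
      console.error(`[debug] guard off: argv[1]=${argv1} resolved=${resolved} import.meta.url=${moduleUrl}`);
    }
    return direct;
  } catch {
    return false; // missing argv[1], dangling link, permission error: do not start
  }
}

// Build a throwaway layout that mimics a bin shim: bin/nlmcp -> ../dist/index.js
function demo() {
  const root = fs.realpathSync(fs.mkdtempSync(path.join(os.tmpdir(), "nlmcp-demo-")));
  try {
    const entry = path.join(root, "dist", "index.js");
    const shim = path.join(root, "bin", "nlmcp");
    fs.mkdirSync(path.dirname(entry));
    fs.mkdirSync(path.dirname(shim));
    fs.writeFileSync(entry, "// constructed stand-in for the server entry point\n");
    fs.symlinkSync(entry, shim);
    const moduleUrl = pathToFileURL(entry).href; // what import.meta.url would hold
    return {
      naiveDirect: naiveIsDirectRun(moduleUrl, entry),
      naiveViaShim: naiveIsDirectRun(moduleUrl, shim),
      fixedDirect: isDirectRun(moduleUrl, entry),
      fixedViaShim: isDirectRun(moduleUrl, shim),
      fixedMissing: isDirectRun(moduleUrl, path.join(root, "bin", "gone")),
    };
  } finally {
    fs.rmSync(root, { recursive: true, force: true });
  }
}

console.log(demo());
```

In a real ESM entry point the first argument would be import.meta.url and the second process.argv[1].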

Workaround (no longer needed)

The node /absolute/path/dist/index.js workaround documented in #11 is no longer required. The README npx and claude mcp add invocation patterns now work as documented.


npm: @pan-sec/[email protected]

Tests: 643 passing across 52 test files · tsc --noEmit clean · npm audit 0 vulnerabilities

About Pantheon-Security/notebooklm-mcp-secure

Security-hardened NotebookLM MCP with post-quantum encryption (ML-KEM-768), GDPR/SOC2/CSSF compliance, and 14 security layers. Query Google's Gemini-grounded research from Claude and AI agents.
