critical
suspicious.env_credential_access
- Location
- scripts/index.js:14
- Finding
- Environment variable access combined with network send.
Jianying Auto Editor
AdvisoryAudited by Static analysis on May 10, 2026.
Overview
Detected: suspicious.env_credential_access, suspicious.install_untrusted_source
Findings (2)
warn
suspicious.install_untrusted_source
- Location
- examples/config.example.json:2
- Finding
- Install source points to URL shortener or raw IP.