critical
suspicious.dynamic_code_execution
- Location
- core/trainer.py:304
- Finding
- Dynamic code execution detected.
Amber Hunter
AdvisoryAudited by Static analysis on May 10, 2026.
Overview
Detected: suspicious.dynamic_code_execution, suspicious.env_credential_access, suspicious.exposed_secret_literal (+1 more)
Findings (5)
critical
suspicious.env_credential_access
- Location
- proactive/hooks/openclaw/handler.js:15
- Finding
- Environment variable access combined with network send.
critical
suspicious.env_credential_access
- Location
- proactive/hooks/openclaw/handler.ts:21
- Finding
- Environment variable access combined with network send.
critical
suspicious.exposed_secret_literal
- Location
- core/llm.py:613
- Finding
- File appears to expose a hardcoded API secret or token.
warn
suspicious.potential_exfiltration
- Location
- proactive/scripts/proactive-check.js:140
- Finding
- Sensitive-looking file read is paired with a network send.