Shell command execution detected (child_process).
Critical
- Code
- suspicious.dangerous_exec
- Location
- scripts/audit.mjs:53
Security audit
Security checks across malware telemetry and agentic risk
This skill is a straightforward audit tool that reads local task and note files, checks GitHub PR status, and writes report files without hidden persistence or destructive behavior.
Before running it, confirm TASKS_ROOT and FLATNOTES_ROOT point only to directories you intend to audit, check which GitHub account gh is authenticated as, and treat the generated tmp reports as private because they may contain task titles, project names, local paths, and PR details.
66/66 vendors flagged this skill as clean.
Detected: suspicious.dangerous_exec