critical
suspicious.dangerous_exec
- Location
- scripts/appstack-card.mjs:307
- Finding
- Shell command execution detected (child_process).
yunxiao-devops
AdvisoryAudited by Static analysis on May 10, 2026.
Overview
Detected: suspicious.dangerous_exec, suspicious.env_credential_access, suspicious.potential_exfiltration
Findings (31)
critical
suspicious.dangerous_exec
- Location
- scripts/bug-fix-flow.mjs:190
- Finding
- Shell command execution detected (child_process).
critical
suspicious.dangerous_exec
- Location
- scripts/create-workitem-flow.mjs:344
- Finding
- Shell command execution detected (child_process).
critical
suspicious.dangerous_exec
- Location
- scripts/release-flow.mjs:296
- Finding
- Shell command execution detected (child_process).
critical
suspicious.env_credential_access
- Location
- scripts/appstack-card.mjs:45
- Finding
- Environment variable access combined with network send.
critical
suspicious.env_credential_access
- Location
- scripts/bug-fix-flow.mjs:390
- Finding
- Environment variable access combined with network send.
critical
suspicious.env_credential_access
- Location
- scripts/commit-activity-card.mjs:25
- Finding
- Environment variable access combined with network send.
critical
suspicious.env_credential_access
- Location
- scripts/create-workitem-flow.mjs:66
- Finding
- Environment variable access combined with network send.
critical
suspicious.env_credential_access
- Location
- scripts/daily-standup-card.mjs:28
- Finding
- Environment variable access combined with network send.
critical
suspicious.env_credential_access
- Location
- scripts/effort-checkin-card.mjs:27
- Finding
- Environment variable access combined with network send.
critical
suspicious.env_credential_access
- Location
- scripts/mr-review-card.mjs:30
- Finding
- Environment variable access combined with network send.
critical
suspicious.env_credential_access
- Location
- scripts/pipeline-log-card.mjs:24
- Finding
- Environment variable access combined with network send.
critical
suspicious.env_credential_access
- Location
- scripts/release-flow.mjs:35
- Finding
- Environment variable access combined with network send.
critical
suspicious.env_credential_access
- Location
- scripts/repo-init-flow.mjs:28
- Finding
- Environment variable access combined with network send.
critical
suspicious.env_credential_access
- Location
- scripts/sprint-dashboard-card.mjs:29
- Finding
- Environment variable access combined with network send.
critical
suspicious.env_credential_access
- Location
- scripts/testcase-card.mjs:23
- Finding
- Environment variable access combined with network send.
critical
suspicious.env_credential_access
- Location
- scripts/version-release-flow.mjs:30
- Finding
- Environment variable access combined with network send.
critical
suspicious.env_credential_access
- Location
- scripts/workitem-relation-flow.mjs:30
- Finding
- Environment variable access combined with network send.
warn
suspicious.potential_exfiltration
- Location
- scripts/appstack-card.mjs:45
- Finding
- Sensitive-looking file read is paired with a network send.
warn
suspicious.potential_exfiltration
- Location
- scripts/commit-activity-card.mjs:25
- Finding
- Sensitive-looking file read is paired with a network send.
warn
suspicious.potential_exfiltration
- Location
- scripts/create-workitem-flow.mjs:66
- Finding
- Sensitive-looking file read is paired with a network send.
warn
suspicious.potential_exfiltration
- Location
- scripts/daily-standup-card.mjs:28
- Finding
- Sensitive-looking file read is paired with a network send.
warn
suspicious.potential_exfiltration
- Location
- scripts/effort-checkin-card.mjs:27
- Finding
- Sensitive-looking file read is paired with a network send.
warn
suspicious.potential_exfiltration
- Location
- scripts/mr-review-card.mjs:30
- Finding
- Sensitive-looking file read is paired with a network send.
warn
suspicious.potential_exfiltration
- Location
- scripts/pipeline-log-card.mjs:24
- Finding
- Sensitive-looking file read is paired with a network send.
warn
suspicious.potential_exfiltration
- Location
- scripts/release-flow.mjs:35
- Finding
- Sensitive-looking file read is paired with a network send.
warn
suspicious.potential_exfiltration
- Location
- scripts/repo-init-flow.mjs:28
- Finding
- Sensitive-looking file read is paired with a network send.
warn
suspicious.potential_exfiltration
- Location
- scripts/sprint-dashboard-card.mjs:29
- Finding
- Sensitive-looking file read is paired with a network send.
warn
suspicious.potential_exfiltration
- Location
- scripts/testcase-card.mjs:23
- Finding
- Sensitive-looking file read is paired with a network send.
warn
suspicious.potential_exfiltration
- Location
- scripts/version-release-flow.mjs:30
- Finding
- Sensitive-looking file read is paired with a network send.
warn
suspicious.potential_exfiltration
- Location
- scripts/workitem-relation-flow.mjs:30
- Finding
- Sensitive-looking file read is paired with a network send.