critical
suspicious.credential_exposure_instructions
- Location
- SKILL.md:71
- Finding
- Instructions expose credentials through shell, git config, or agent memory.
ClawdTalk
AdvisoryAudited by Static analysis on May 10, 2026.
Overview
Detected: suspicious.credential_exposure_instructions, suspicious.dangerous_exec, suspicious.env_credential_access (+1 more)
Findings (4)
critical
suspicious.dangerous_exec
- Location
- scripts/ws-client.js:1043
- Finding
- Shell command execution detected (child_process).
critical
suspicious.env_credential_access
- Location
- scripts/ws-client.js:28
- Finding
- Environment variable access combined with network send.
critical
suspicious.exposed_secret_literal
- Location
- scripts/ws-client.js:162
- Finding
- File appears to expose a hardcoded API secret or token.