Back to skill
Skillv1.2.0
Static analysis security
Repo Analyzer · Deterministic local checks for risky code patterns and metadata mismatches.
Scanner verdict
MaliciousApr 30, 2026, 5:01 AM
- Summary
- Detected: malicious.crypto_mining, suspicious.dangerous_exec, suspicious.env_credential_access (+1 more)
- Reason codes
- malicious.crypto_miningsuspicious.dangerous_execsuspicious.env_credential_accesssuspicious.potential_exfiltration
- Engine
- v2.4.5
Evidence
criticalscripts/analyze.js:1886
Possible crypto mining behavior detected.
malicious.crypto_mining
criticalscripts/analyze.js:152
Shell command execution detected (child_process).
suspicious.dangerous_exec
criticalscripts/setup.js:15
Shell command execution detected (child_process).
suspicious.dangerous_exec
criticalscripts/test.js:25
Shell command execution detected (child_process).
suspicious.dangerous_exec
criticalscripts/analyze.js:25
Environment variable access combined with network send.
suspicious.env_credential_access
warnscripts/analyze.js:2108
File read combined with network send (possible exfiltration).
suspicious.potential_exfiltration