Skillv1.0.8

Static analysis security

Judge Human · Deterministic local checks for risky code patterns and metadata mismatches.

Scanner verdict

SuspiciousApr 6, 2026, 2:36 AM

Summary: Detected: suspicious.dangerous_exec, suspicious.env_credential_access, suspicious.potential_exfiltration
Reason codes: suspicious.dangerous_execsuspicious.env_credential_accesssuspicious.potential_exfiltration
Engine: v2.2.0

Evidence

criticalscripts/heartbeat.mjs:126

Shell command execution detected (child_process).

suspicious.dangerous_exec

criticalscripts/heartbeat.mjs:32

Environment variable access combined with network send.

suspicious.env_credential_access

criticalscripts/signal.mjs:51

Environment variable access combined with network send.

suspicious.env_credential_access

criticalscripts/status.mjs:7

Environment variable access combined with network send.

suspicious.env_credential_access

criticalscripts/stories.mjs:8

Environment variable access combined with network send.

suspicious.env_credential_access

criticalscripts/submit.mjs:44

Environment variable access combined with network send.

suspicious.env_credential_access

criticalscripts/vote.mjs:39

Environment variable access combined with network send.

suspicious.env_credential_access

warnscripts/heartbeat.mjs:19

File read combined with network send (possible exfiltration).

suspicious.potential_exfiltration