critical
suspicious.env_credential_access
- Location
- compress.js:31
- Finding
- Environment variable access combined with network send.
Pixmind Image Compress
AdvisoryAudited by Static analysis on May 10, 2026.
Overview
Detected: suspicious.env_credential_access, suspicious.potential_exfiltration
Findings (2)
warn
suspicious.potential_exfiltration
- Location
- compress.js:23
- Finding
- Sensitive-looking file read is paired with a network send.