Magister 1

Advisory

Audited by Static analysis on May 10, 2026.

Overview

Detected: suspicious.dangerous_exec

Findings (1)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Anyone using the skill is allowing the agent to access private Magister information for the configured account.

Why it was flagged

The skill needs real Magister login credentials and can read grades and infractions. This is expected for the stated purpose, but it gives the agent access to sensitive school-account data.

Skill content

"env":["MAGISTER_HOST","MAGISTER_USER","MAGISTER_PASSWORD"] ... node magister.mjs grades <aanmelding_id> [top] ... node magister.mjs infractions <id> <from> <to>

Recommendation

Use only credentials for accounts you are authorized to access, and consider whether the agent should see student grades, schedules, and absence/infraction details.

What this means

A local user or process with access to the skill directory may be able to read the cached access token while it is valid.

Why it was flagged

Access tokens are persisted locally in the skill directory and reused until they expire. This is a common convenience but means a credential-like token remains on disk.

Skill content

const CACHE_FILE = join(DIR, '.token_cache.json'); ... cache[key] = token; saveCache(cache);

Recommendation

Keep the skill directory private, delete .token_cache.json when finished or if credentials change, and avoid sharing the directory with others.

What this means

Running the tests can invoke the Magister CLI against real accounts using environment variables or local .env files.

Why it was flagged

The static exec finding comes from the test harness spawning the local CLI with test credentials. It does not use shell interpolation and is not part of the SKILL.md command flow unless tests are deliberately run.

Skill content

const result = spawnSync('node', [CLI, ...args], { ... env: { ...process.env, ...envVars }, timeout: 30_000 });

Recommendation

Do not run the integration tests unless you intend to use the supplied Magister credentials for live portal calls.

Findings (1)

critical

suspicious.dangerous_exec

Location
magister.test.mjs:40
Finding
Shell command execution detected (child_process).