Dynamic code execution
Critical
- Finding
- Dynamic code execution detected.
灵枢 AutoBrain
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The workspace artifact files could not be read due to an execution sandbox failure, so no evidence-backed suspicious behavior was identified.
Do not treat this as a completed approval review; rerun the scan in an environment where metadata.json and artifact/ can be read.
Publisher note
Our install.sh unzips engine files to the workspace directory, registers 3 cron tasks (engine init at 5am, health check at 0am, memory maintenance at 23pm), and verifies Python module imports. These are all standard installation procedures for a runtime engine package — no malicious behavior. The bundle zip contains only Crusheart Agent OS engine code (.py files) and system rule files (.md). 此技能包已不在维护与更新,需要体验新版本请到插件分类中搜索AutoBrain
Static analysis
Exposed secret literal
Critical
- Finding
- File appears to expose a hardcoded API secret or token.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
No visible risk-analysis findings were reported for this release.