critical
suspicious.dangerous_exec
- Location
- src/core/backgroundExecutor.js:40
- Finding
- Shell command execution detected (child_process).
Cue
AdvisoryAudited by Static analysis on May 10, 2026.
Overview
Detected: suspicious.dangerous_exec, suspicious.destructive_delete_command, suspicious.env_credential_access
Findings (6)
critical
suspicious.dangerous_exec
- Location
- src/cron/monitor-daemon.js:217
- Finding
- Shell command execution detected (child_process).
critical
suspicious.dangerous_exec
- Location
- src/notifier/index.js:64
- Finding
- Shell command execution detected (child_process).
warn
suspicious.destructive_delete_command
- Location
- SECURITY.md:90
- Finding
- Documentation contains a destructive delete command without an explicit confirmation gate.
warn
suspicious.destructive_delete_command
- Location
- tmp/SECURITY.md:90
- Finding
- Documentation contains a destructive delete command without an explicit confirmation gate.
critical
suspicious.env_credential_access
- Location
- src/cron/monitor-daemon.js:76
- Finding
- Environment variable access combined with network send.