critical
suspicious.env_credential_access
- Location
- scripts/hyfceph-service-client.mjs:380
- Finding
- Environment variable access combined with network send.
HYFCeph
AdvisoryAudited by Static analysis on May 10, 2026.
Overview
Detected: suspicious.env_credential_access, suspicious.potential_exfiltration
Findings (2)
warn
suspicious.potential_exfiltration
- Location
- scripts/hyfceph-service-client.mjs:137
- Finding
- Sensitive-looking file read is paired with a network send.