ClawdVine

AdvisoryAudited by Static analysis on May 10, 2026.

Overview

Detected: suspicious.env_credential_access, suspicious.prompt_injection_instructions

Findings (3)

critical

suspicious.env_credential_access

Location: scripts/check-balance.mjs:22
Finding: Environment variable access combined with network send.

critical

suspicious.env_credential_access

Location: scripts/x402-generate.mjs:29
Finding: Environment variable access combined with network send.

warn

suspicious.prompt_injection_instructions

Location: SKILL.md:1565
Finding: Prompt-injection style instruction pattern detected.