Audit Code

Advisory

Audited by static analysis on May 10, 2026.

Overview

Detected: suspicious.dangerous_exec, suspicious.dynamic_code_execution

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent can run the bundled scanner over the selected path; an overly broad or unintended path could cause more local files to be read than the user expected.

Why it was flagged

The skill grants Bash and tells the agent to run a local Python auditor. This shell use is fixed and central to the stated code-review purpose, but it is still a tool-execution capability users should notice.

Skill content
allowed-tools: Read, Glob, Grep, Bash ... python3 "$SKILL_DIR/scripts/audit_code.py" "$ARGUMENTS"

Recommendation

Invoke it only for repositories you want audited, and provide an explicit target path if you do not want the whole project scanned.

What this means

Secrets or sensitive file paths from the repository could appear in the audit output or conversation if the results are shared.

Why it was flagged

The scanner intentionally reads .env files and scans their contents for secrets. That is purpose-aligned for a security audit, but it means credential-like material may be processed and surfaced in local findings.

Skill content
content = env_file.read_text(encoding="utf-8", errors="replace"); findings.extend(Scan_Content(content, Secrets_Patterns, str(env_file)))

Recommendation

Run it in a trusted workspace, treat raw reports as sensitive, and rotate any real secrets found in committed files.

Findings (2)

critical

suspicious.dangerous_exec

Location
scripts/patterns.py:357
Finding
Shell command execution detected (child_process).
critical

suspicious.dynamic_code_execution

Location
scripts/patterns.py:350
Finding
Dynamic code execution detected.