Back to skill
Skillv1.0.0
Static analysis security
Clawphunks · Deterministic local checks for risky code patterns and metadata mismatches.
Scanner verdict
ReviewApr 30, 2026, 5:07 AM
- Summary
- Detected: suspicious.env_credential_access
- Reason codes
- suspicious.env_credential_access
- Engine
- v2.4.5
Evidence
criticalmcp/src/index.ts:257
Environment variable access combined with network send.
suspicious.env_credential_access
criticalsrc/server.ts:147
Environment variable access combined with network send.
suspicious.env_credential_access