critical
suspicious.credential_exposure_instructions
- Location
- memory/2026-02-28.md:22
- Finding
- Instructions expose credentials through shell, git config, or agent memory.
Agent Security Framework
AdvisoryAudited by Static analysis on May 10, 2026.
Overview
Detected: suspicious.credential_exposure_instructions, suspicious.dangerous_exec, suspicious.dynamic_code_execution (+6 more)
Findings (62)
critical
suspicious.dangerous_exec
- Location
- ASF-15-docker/agent-verifier/discord-asf-bot.js:49
- Finding
- Shell command execution detected (child_process).
critical
suspicious.dangerous_exec
- Location
- asf-discord-deployment/discord-asf-bot.js:49
- Finding
- Shell command execution detected (child_process).
critical
suspicious.dangerous_exec
- Location
- deployment-package/discord-asf-bot.js:47
- Finding
- Shell command execution detected (child_process).
critical
suspicious.dangerous_exec
- Location
- discord-asf-bot.js:49
- Finding
- Shell command execution detected (child_process).
critical
suspicious.dangerous_exec
- Location
- rayban-meta-bridge/conversation-simple.js:175
- Finding
- Shell command execution detected (child_process).
critical
suspicious.dangerous_exec
- Location
- rayban-meta-bridge/phone-bridge.js:83
- Finding
- Shell command execution detected (child_process).
critical
suspicious.dynamic_code_execution
- Location
- asf-demo-capability-enforcer.sh:27
- Finding
- Dynamic code execution detected.
critical
suspicious.dynamic_code_execution
- Location
- skills/daily-security-audit/skill.sh:68
- Finding
- Dynamic code execution detected.
critical
suspicious.env_credential_access
- Location
- ASF-15-docker/skill-verifier/discord-skill-bot.js:17
- Finding
- Environment variable access combined with network send.
critical
suspicious.env_credential_access
- Location
- rayban-meta-bridge/conversation-simple.js:186
- Finding
- Environment variable access combined with network send.
critical
suspicious.env_credential_access
- Location
- rayban-meta-bridge/phone-bridge.js:167
- Finding
- Environment variable access combined with network send.
critical
suspicious.exposed_secret_literal
- Location
- ASF-15-docker/docker-compose.yml:57
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- ASF-15-docker/golden-configs/anthropic-env.txt:1
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- ASF-15-docker/skill-verifier/discord-skill-bot.js:86
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- ASF-17-REST-API.md:216
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- ASF-Code-Comparison.md:37
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- ASF-ENTERPRISE-INTEGRATION-GUIDE.md:927
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- asf-live-demo.py:94
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- asf-live-demo.sh:87
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- asf-moltbook-parallel-demo.py:14
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- asf-platform-sdk.js:531
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- ASF-Prevents-Moltbook-Breach.md:10
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- ASF-Secure-Skills-Summary.md:37
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- asf-secure-skills/openai-image-gen-secure/scripts/gen-secure.py:209
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- asf-secure-skills/openai-image-gen-secure/SKILL.md:21
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- ASF-TEAM-JIRA-ACCESS-GUIDE.md:17
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- COPILOT-MISSION-CONTROL-PROMPT.md:25
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- docs/asf-20-enterprise-integration/ASF-17-REST-API.md:216
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- docs/asf-20-enterprise-integration/ASF-ENTERPRISE-INTEGRATION-GUIDE.md:927
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- docs/ASF-REST-API.md:80
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- FINAL-OPENCLAW-SECURITY-ADVISORY.md:52
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- IMPLEMENTATION-STATUS.md:26
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- JIRA-API-GUIDE.md:9
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- jira-update-points.sh:5
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- memory/2026-02-16.md:164
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- MISSION-CONTROL-GUIDE.md:65
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- moltbook-post.py:12
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- openclaw-disclosure-final-collaborative.md:86
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- openclaw-disclosure-revised.md:51
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- post-moltbook-reply.sh:5
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- post-to-moltbook-viral.py:12
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- RAVEN-MISSION-CONTROL-ACCESS.md:27
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- setup-scrumai-email.py:15
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- skills/openai-image-gen/SKILL.md:21
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- test-asf-fixes.sh:39
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- test-google-auth.py:13
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- test-moltbook.py:7
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.generated_source_template_injection
- Location
- docs/asf-5-yara-rules/YARA-ALERT-RESPONSE.md:36
- Finding
- User-controlled placeholder is embedded directly into generated source code.
critical
suspicious.generated_source_template_injection
- Location
- docs/deliverables/ASF-49-Remote-Partner-Installation.md:137
- Finding
- User-controlled placeholder is embedded directly into generated source code.
warn
suspicious.insecure_tls_verification
- Location
- check-email-updated.py:76
- Finding
- HTTPS certificate verification is disabled.
warn
suspicious.insecure_tls_verification
- Location
- check-email.py:54
- Finding
- HTTPS certificate verification is disabled.
warn
suspicious.insecure_tls_verification
- Location
- moltbook-post.py:17
- Finding
- HTTPS certificate verification is disabled.
warn
suspicious.insecure_tls_verification
- Location
- search-mission-control.py:45
- Finding
- HTTPS certificate verification is disabled.
warn
suspicious.insecure_tls_verification
- Location
- setup-scrumai-email.py:11
- Finding
- HTTPS certificate verification is disabled.
warn
suspicious.insecure_tls_verification
- Location
- test-google-auth.py:17
- Finding
- HTTPS certificate verification is disabled.
warn
suspicious.install_untrusted_source
- Location
- ASF-15-docker/golden-configs/openclaw.json:323
- Finding
- Install source points to URL shortener or raw IP.
warn
suspicious.install_untrusted_source
- Location
- oc-cfg-current.json:303
- Finding
- Install source points to URL shortener or raw IP.
warn
suspicious.install_untrusted_source
- Location
- oc-cfg-debug.json:269
- Finding
- Install source points to URL shortener or raw IP.
warn
suspicious.install_untrusted_source
- Location
- oc-cfg-fixed.json:299
- Finding
- Install source points to URL shortener or raw IP.
warn
suspicious.prompt_injection_instructions
- Location
- ASF-19-ENTERPRISE-PITCH-DECK.md:59
- Finding
- Prompt-injection style instruction pattern detected.
warn
suspicious.prompt_injection_instructions
- Location
- ASF-Prevents-Real-Attacks.md:54
- Finding
- Prompt-injection style instruction pattern detected.