Dangerous exec
Critical
- Finding
- Shell command execution detected (child_process).
Baoyu Danger X To Markdown
Security checks across static analysis, malware telemetry, and agentic risk
Overview
I could not read the local artifact files in this sandbox, and the only negative signal available is VirusTotal telemetry, which is not enough by itself to support a suspicious verdict.
Treat this as an incomplete review: the local sandbox prevented artifact inspection, so do not rely on this result as a full security assessment until SKILL.md, metadata, and artifact contents can be read directly.
Static analysis
Env credential access
Critical
- Finding
- Environment variable access combined with network send.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
No visible risk-analysis findings were reported for this release.