critical
suspicious.dangerous_exec
- Location
- scripts/build-app.js:31
- Finding
- Shell command execution detected (child_process).
develop-and-deploy-web-app
AdvisoryAudited by Static analysis on May 12, 2026.
Overview
Detected: suspicious.dangerous_exec, suspicious.env_credential_access, suspicious.secret_argv_exposure
Findings (10)
critical
suspicious.dangerous_exec
- Location
- scripts/deploy-app.js:13
- Finding
- Shell command execution detected (child_process).
critical
suspicious.dangerous_exec
- Location
- scripts/install-app.js:31
- Finding
- Shell command execution detected (child_process).
critical
suspicious.dangerous_exec
- Location
- scripts/remove-app.js:19
- Finding
- Shell command execution detected (child_process).
critical
suspicious.dangerous_exec
- Location
- scripts/restart-app.js:14
- Finding
- Shell command execution detected (child_process).
critical
suspicious.dangerous_exec
- Location
- scripts/restore-apps.js:12
- Finding
- Shell command execution detected (child_process).
critical
suspicious.dangerous_exec
- Location
- scripts/start-app.js:167
- Finding
- Shell command execution detected (child_process).
critical
suspicious.env_credential_access
- Location
- scripts/scaffold-app.js:588
- Finding
- Environment variable access combined with network send.
critical
suspicious.secret_argv_exposure
- Location
- README.md:16
- Finding
- Instructions pass high-value credentials through process argv.
critical
suspicious.secret_argv_exposure
- Location
- references/scripts.md:7
- Finding
- Instructions pass high-value credentials through process argv.