Skillv1.0.4

Static analysis security

VariflightAviation · Deterministic local checks for risky code patterns and metadata mismatches.

ReviewApr 30, 2026, 4:58 AM

Summary: Detected: suspicious.dangerous_exec, suspicious.exposed_secret_literal
Reason codes: suspicious.dangerous_execsuspicious.exposed_secret_literal
Engine: v2.4.5

criticalsrc/lib/mcp-server-manager.js:17

Shell command execution detected (child_process).

suspicious.dangerous_exec

criticalresearch_report_aviation_migration.md:150

Documentation appears to expose a hardcoded API secret or token.

suspicious.exposed_secret_literal