Facebook Page Manager 1.0.0

AdvisoryAudited by Static analysis on May 10, 2026.

Overview

Detected: suspicious.dangerous_exec, suspicious.env_credential_access, suspicious.exposed_secret_literal (+1 more)

Findings (9)

critical

suspicious.dangerous_exec

Location: scripts/x_digest_collect.js:20
Finding: Shell command execution detected (child_process).

critical

suspicious.env_credential_access

Location: scripts/auth.js:32
Finding: Environment variable access combined with network send.

critical

suspicious.env_credential_access

Location: scripts/x_digest_collect.js:14
Finding: Environment variable access combined with network send.

critical

suspicious.env_credential_access

Location: scripts/x_digest_to_fb.js:27
Finding: Environment variable access combined with network send.

critical

suspicious.exposed_secret_literal

Location: scripts/auth.js:69
Finding: File appears to expose a hardcoded API secret or token.

warn

suspicious.potential_exfiltration

Location: scripts/auth.js:53
Finding: Sensitive-looking file read is paired with a network send.

warn

suspicious.potential_exfiltration

Location: scripts/cli.js:31
Finding: Sensitive-looking file read is paired with a network send.

warn

suspicious.potential_exfiltration

Location: scripts/fb_post.js:66
Finding: Sensitive-looking file read is paired with a network send.

warn

suspicious.potential_exfiltration

Location: scripts/x_digest_to_fb.js:36
Finding: Sensitive-looking file read is paired with a network send.