critical
suspicious.dangerous_exec
- Location
- index.js:101
- Finding
- Shell command execution detected (child_process).
Rewrite Question
AdvisoryAudited by Static analysis on May 10, 2026.
Overview
Detected: suspicious.dangerous_exec, suspicious.env_credential_access, suspicious.exposed_secret_literal
Findings (3)
critical
suspicious.env_credential_access
- Location
- rewrite_question.py:508
- Finding
- Python code POSTs credential environment variables to an environment-controlled URL.
critical
suspicious.exposed_secret_literal
- Location
- index.js:91
- Finding
- File appears to expose a hardcoded API secret or token.