Back to skill
Skillv1.0.3
Static analysis security
CareerClaw · Deterministic local checks for risky code patterns and metadata mismatches.
Scanner verdict
SuspiciousApr 30, 2026, 5:05 AM
- Summary
- Detected: suspicious.dangerous_exec, suspicious.env_credential_access, suspicious.potential_exfiltration
- Reason codes
- suspicious.dangerous_execsuspicious.env_credential_accesssuspicious.potential_exfiltration
- Engine
- v2.4.5
Evidence
criticalsrc/tests/cli.test.ts:32
Shell command execution detected (child_process).
suspicious.dangerous_exec
criticalscripts/debug_license.ts:12
Environment variable access combined with network send.
suspicious.env_credential_access
criticalsrc/config.ts:21
Environment variable access combined with network send.
suspicious.env_credential_access
warnscripts/debug_llm_response.ts:6
File read combined with network send (possible exfiltration).
suspicious.potential_exfiltration
warnsrc/cli.ts:23
File read combined with network send (possible exfiltration).
suspicious.potential_exfiltration
warnsrc/license.ts:18
File read combined with network send (possible exfiltration).
suspicious.potential_exfiltration
warnsrc/tests/license.test.ts:228
File read combined with network send (possible exfiltration).
suspicious.potential_exfiltration