Skillv1.9.72

Static analysis security

Wip Ai Devops Toolbox Private · Deterministic local checks for risky code patterns and metadata mismatches.

Scanner verdict

SuspiciousApr 30, 2026, 5:11 AM

Summary: Detected: suspicious.dangerous_exec, suspicious.env_credential_access, suspicious.potential_exfiltration
Reason codes: suspicious.dangerous_execsuspicious.env_credential_accesssuspicious.potential_exfiltration
Engine: v2.4.5

Evidence

criticalai/repos/gstack-private/browse/test/commands.test.ts:672

Shell command execution detected (child_process).

suspicious.dangerous_exec

criticalai/repos/gstack-private/scripts/dev-skill.ts:24

Shell command execution detected (child_process).

suspicious.dangerous_exec

criticalai/repos/gstack-private/scripts/skill-check.ts:103

Shell command execution detected (child_process).

suspicious.dangerous_exec

criticalai/repos/gstack-private/test/helpers/eval-store.ts:523

Shell command execution detected (child_process).

suspicious.dangerous_exec

criticalai/repos/gstack-private/test/helpers/touchfiles.ts:165

Shell command execution detected (child_process).

suspicious.dangerous_exec

criticalai/repos/gstack-private/test/hook-scripts.test.ts:12

Shell command execution detected (child_process).

suspicious.dangerous_exec

criticalai/repos/gstack-private/test/skill-e2e.test.ts:163

Shell command execution detected (child_process).

suspicious.dangerous_exec

criticalai/repos/gstack-private/test/skill-routing-e2e.test.ts:72

Shell command execution detected (child_process).

suspicious.dangerous_exec

criticalai/repos/gstack-private/test/touchfiles.test.ts:155

Shell command execution detected (child_process).

suspicious.dangerous_exec

criticaltools/wip-branch-guard/guard.mjs:180

Shell command execution detected (child_process).

suspicious.dangerous_exec

criticaltools/wip-license-hook/dist/core/scanner.js:73

Shell command execution detected (child_process).

suspicious.dangerous_exec

criticaltools/wip-license-hook/src/core/scanner.ts:97

Shell command execution detected (child_process).

suspicious.dangerous_exec

criticaltools/wip-readme-format/format.mjs:354

Shell command execution detected (child_process).

suspicious.dangerous_exec

criticaltools/wip-release/core.mjs:227

Shell command execution detected (child_process).

suspicious.dangerous_exec

criticaltools/wip-universal-installer/install.js:35

Shell command execution detected (child_process).

suspicious.dangerous_exec

criticalai/repos/gstack-private/browse/src/cli.ts:20

Environment variable access combined with network send.

suspicious.env_credential_access

criticalai/repos/gstack-private/browse/src/server.ts:34

Environment variable access combined with network send.

suspicious.env_credential_access

criticalai/repos/gstack-private/browse/test/gstack-update-check.test.ts:22

Environment variable access combined with network send.

suspicious.env_credential_access

criticalai/repos/gstack-private/test/skill-e2e.test.ts:22

Environment variable access combined with network send.

suspicious.env_credential_access

criticaltools/wip-branch-guard/guard.mjs:30

Environment variable access combined with network send.

suspicious.env_credential_access

criticaltools/wip-release/core.mjs:1203

Environment variable access combined with network send.

suspicious.env_credential_access

warnai/repos/gstack-private/browse/src/cli.ts:63

File read combined with network send (possible exfiltration).

suspicious.potential_exfiltration

warnai/repos/gstack-private/browse/test/gstack-update-check.test.ts:10

File read combined with network send (possible exfiltration).

suspicious.potential_exfiltration

warnai/repos/gstack-private/browse/test/test-server.ts:37

File read combined with network send (possible exfiltration).

suspicious.potential_exfiltration

warnai/repos/gstack-private/scripts/gen-skill-docs.ts:1152

File read combined with network send (possible exfiltration).

suspicious.potential_exfiltration

warnai/repos/gstack-private/test/skill-e2e.test.ts:234

File read combined with network send (possible exfiltration).

suspicious.potential_exfiltration

warnai/repos/gstack-private/test/skill-validation.test.ts:166

File read combined with network send (possible exfiltration).

suspicious.potential_exfiltration

warntools/wip-branch-guard/guard.mjs:12

File read combined with network send (possible exfiltration).

suspicious.potential_exfiltration

warntools/wip-license-hook/dist/core/scanner.js:5

File read combined with network send (possible exfiltration).

suspicious.potential_exfiltration

warntools/wip-license-hook/src/core/scanner.ts:6

File read combined with network send (possible exfiltration).

suspicious.potential_exfiltration

warntools/wip-release/core.mjs:9

File read combined with network send (possible exfiltration).

suspicious.potential_exfiltration