Skill v0.4.84

Static analysis security

Wip Ldm Os Private · Deterministic local checks for risky code patterns and metadata mismatches.

Scanner verdict

Suspicious
Apr 30, 2026, 5:12 AM
Summary
Detected: suspicious.dangerous_exec, suspicious.destructive_delete_command, suspicious.env_credential_access (+3 more)
Reason codes
suspicious.dangerous_exec, suspicious.destructive_delete_command, suspicious.env_credential_access, suspicious.exposed_secret_literal, suspicious.potential_exfiltration, suspicious.prompt_injection_instructions
Engine
v2.4.5

Evidence

critical bin/ldm.js:218
Shell command execution detected (child_process).
suspicious.dangerous_exec
critical lib/bootstrap.mjs:18
Shell command execution detected (child_process).
suspicious.dangerous_exec
critical lib/deploy.mjs:91
Shell command execution detected (child_process).
suspicious.dangerous_exec
critical lib/state.mjs:92
Shell command execution detected (child_process).
suspicious.dangerous_exec
critical lib/updates.mjs:131
Shell command execution detected (child_process).
suspicious.dangerous_exec
critical src/bridge/core.ts:153
Shell command execution detected (child_process).
suspicious.dangerous_exec
critical src/bridge/mcp-server.ts:520
Shell command execution detected (child_process).
suspicious.dangerous_exec
warn ai/product/bugs/xai-grok/2026-04-10--cc-mini--finish-deprecating-old-xai-grok-repo.md:26
Documentation contains a destructive delete command without an explicit confirmation gate.
suspicious.destructive_delete_command
warn ai/product/plans-prds/current/2026-03-17--install-everything-enable-disable.md:249
Documentation contains a destructive delete command without an explicit confirmation gate.
suspicious.destructive_delete_command
critical bin/ldm.js:31
Environment variable access combined with network send.
suspicious.env_credential_access
critical src/bridge/core.ts:40
Environment variable access combined with network send.
suspicious.env_credential_access
critical src/hosted-mcp/server.mjs:29
Environment variable access combined with network send.
suspicious.env_credential_access
critical ai/product/plans-prds/codex-remote-control/2026-04-28--cc-mini--codex-remote-control-live-test-runbook.md:155
Documentation appears to expose a hardcoded API secret or token.
suspicious.exposed_secret_literal
warn bin/ldm.js:23
File read combined with network send (possible exfiltration).
suspicious.potential_exfiltration
warn src/bridge/core.ts:5
File read combined with network send (possible exfiltration).
suspicious.potential_exfiltration
warn src/hosted-mcp/server.mjs:8
File read combined with network send (possible exfiltration).
suspicious.potential_exfiltration
warn ai/research/2026-04-03--cc-mini--claude-md-organization-research.md:285
Prompt-injection style instruction pattern detected.
suspicious.prompt_injection_instructions