Wip Xai X Private

AdvisoryAudited by Static analysis on May 10, 2026.

Overview

Detected: suspicious.dangerous_exec, suspicious.exposed_secret_literal

Findings (2)

critical

suspicious.dangerous_exec

Location: auth.mjs:19
Finding: Shell command execution detected (child_process).

critical

suspicious.exposed_secret_literal

Location: auth.mjs:75
Finding: File appears to expose a hardcoded API secret or token.