critical
suspicious.dangerous_exec
- Location
- dist/index.js:3688
- Finding
- Shell command execution detected (child_process).
- Evidence
const child = spawn(command, args, {
Agent Searchkit
AdvisoryAudited by Static analysis on May 16, 2026.
Overview
Detected: suspicious.dangerous_exec, suspicious.env_credential_access, suspicious.install_untrusted_source
Findings (5)
critical
suspicious.dangerous_exec
- Location
- src/index.ts:5155
- Finding
- Shell command execution detected (child_process).
- Evidence
const child = spawn(command, args, {
critical
suspicious.env_credential_access
- Location
- dist/index.js:3690
- Finding
- Environment variable access combined with network send.
- Evidence
env: process.env,
critical
suspicious.env_credential_access
- Location
- src/index.ts:5157
- Finding
- Environment variable access combined with network send.
- Evidence
env: process.env,
warn
suspicious.install_untrusted_source
- Location
- openclaw.plugin.json:13
- Finding
- Install source points to URL shortener or raw IP.
- Evidence
"default": "http://127.0.0.1:8888"