AliMerce 商城助手

AdvisoryAudited by Static analysis on May 10, 2026.

Overview

Detected: suspicious.env_credential_access

Findings (1)

critical

suspicious.env_credential_access

Location: index.js:10
Finding: Environment variable access combined with network send.
Evidence: const baseUrl = process.env.ALIMERCE_API_URL || 'http://localhost:3000/api';