Skillv2.1.0

Static analysis security

Melies · Deterministic local checks for risky code patterns and metadata mismatches.

ReviewApr 30, 2026, 5:15 AM

Summary: Detected: suspicious.dangerous_exec, suspicious.env_credential_access, suspicious.potential_exfiltration
Reason codes: suspicious.dangerous_execsuspicious.env_credential_accesssuspicious.potential_exfiltration
Engine: v2.4.5

criticalsrc/commands/login.ts:14

Shell command execution detected (child_process).

suspicious.dangerous_exec

criticaldist/index.js:42

Environment variable access combined with network send.

suspicious.env_credential_access

warndist/index.js:47

File read combined with network send (possible exfiltration).

suspicious.potential_exfiltration