Smarter Content

Advisory

Audited by static analysis on May 10, 2026.

Overview

Detected: suspicious.dangerous_exec

Findings (1)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the fact-check step runs on content containing shell syntax, commands could execute on the user’s machine with the agent’s permissions.

Why it was flagged

Generated article content is interpolated into a shell command. Escaping quotes does not prevent shell substitutions such as $() or backticks, so normal article text or attacker-influenced text could trigger local command execution.

Skill content
const cmd = `node ai-fact-checker/scripts/fact-check.js ... ${content.replace(...)} ...`;
const result = execSync(cmd, ...);
Recommendation

Replace shell-string execSync with execFile/spawn using an argument array, or call a reviewed fact-checker API directly. Do not pass article text through a shell.

What this means

Using the style-mimic feature with an untrusted or malformed URL could cause unintended local command execution or tool behavior.

Why it was flagged

The user-provided reference URL is embedded inside a shell-launched node command. If this code path is reachable, a crafted URL can alter the shell command itself rather than being treated only as data.

Skill content
const content = execSync(`node -e "... webFetch('${url}', { extractMode: 'markdown' }) ..."`, ...);
Recommendation

Do not wrap webFetch in a shell command. Pass the URL as data to a normal function call, validate allowed URL schemes, and avoid node -e for user-controlled inputs.

What this means

Fact-checking may fail, or the runtime may execute whatever local helper happens to match the expected relative path, leaving the provenance of that code unclear.

Why it was flagged

The skill describes an external fact-checker as optional but also relies on it for the automatic workflow; the supplied package does not include or pin that helper.

Skill content
`ai-fact-checker` - used to automatically fact-check accuracy after writing (recommended to install; optional but recommended)
Recommendation

Declare and pin external helpers, document exactly how they are installed, and avoid running relative-path helper scripts unless they are included and reviewed.

What this means

Users may over-trust generated articles and publish inaccurate content without independent review.

Why it was flagged

The documentation strongly implies factual accuracy is guaranteed, while the fact-checker is described elsewhere as optional and is implemented as a fallible helper.

Skill content
Built-in SEO optimization + AI fact-checking guarantees accuracy
Recommendation

Treat fact-checking as assistance, not a guarantee, and manually verify important claims before publishing.

Findings (1)

critical

suspicious.dangerous_exec

Location
scripts/content-generator.js:112
Finding
Shell command execution detected (child_process).