Environment variable access combined with network send.
Critical
- Code
- suspicious.env_credential_access
- Location
- dist/mcp-server.js:572
- Evidence
const fromEnv = (process.env[config.apiKeyEnv] ?? "").trim();
Security audit
Security checks across malware telemetry and agentic risk
This appears to be a legitimate Postiz connector, but enabling write or delete tools lets an agent affect real social media accounts.
Install only if you trust this Postiz client package. Use environment variables for secrets, verify the Postiz base URL, keep write and delete gates disabled by default, and restrict upload roots to files you intentionally want agents to post.
VirusTotal engine telemetry is currently stale for this artifact.
Detected: suspicious.env_credential_access
const fromEnv = (process.env[config.apiKeyEnv] ?? "").trim();