Shell command execution detected (child_process).
- Code
- suspicious.dangerous_exec
- Location
- dist/index.js:21
- Evidence
const proc = spawn("python3", [BRIDGE_SCRIPT, "--persistent"], {
Security audit
Security checks across malware telemetry and agentic risk
This skill appears to run a persistent local Python workflow/event-bus process even though the registry says it is instruction-only with no required binaries, and its exposed behavior does not fully match its description.
Review this skill before installing. It should be treated as a local code-executing workflow/event engine that starts a persistent Python bridge and stores workflow data on disk, not as an instruction-only skill. Install only if you are comfortable with that behavior, verify the source/provenance, and require approval for reset, replay, compaction, or self-healing actions that could change workflow state.
VirusTotal engine telemetry is currently stale for this artifact.
Detected: suspicious.dangerous_exec, suspicious.dynamic_code_execution
const proc = spawn("python3", [BRIDGE_SCRIPT, "--persistent"], {const proc = spawn("python3", [BRIDGE_SCRIPT, "--persistent"], {No eval(), no exec(), no filesystem access.