Shell command execution detected (child_process).
Critical
- Code
- suspicious.dangerous_exec
- Location
- dist/index.js:21
- Evidence
const proc = spawn("python3", [BRIDGE_SCRIPT, "--persistent"], {
Security audit
Security checks across malware telemetry and agentic risk
Guardian includes plausible security-monitoring components, but its metadata underdiscloses that it runs a persistent Python backend and exposes broad event-bus control functions.
Review this skill before installing. It appears to include useful security-monitoring code, but you should expect it to run python3 as a persistent local backend and store local audit data. Install only if you trust the publisher, can inspect the bridge/backend code, and are comfortable with the event-bus administration functions it exposes.
VirusTotal engine telemetry is currently stale for this artifact.
Detected: suspicious.dangerous_exec, suspicious.exposed_secret_literal
const proc = spawn("python3", [BRIDGE_SCRIPT, "--persistent"], {const proc = spawn("python3", [BRIDGE_SCRIPT, "--persistent"], {"Here is your API key: [REDACTED]",