Shell command execution detected (child_process).
Critical
- Code
- suspicious.dangerous_exec
- Location
- dist/runtime.js:451
- Evidence
const r = spawnSync("ows", ["--version"], { encoding: "utf8", timeout: 5000 });
Security audit
Security checks across malware telemetry and agentic risk
This looks like a real StablePay wallet/payment plugin, but it gives the agent high-impact signing and payment abilities without a clear per-use confirmation boundary.
Install only if you trust the StablePay publisher and backend. Before using real funds or real OWS credentials, set conservative limits, keep auto-purchase disabled or at 0 unless intended, require manual review for each signature/payment, and verify the configured backend and OWS REST URLs.
VirusTotal engine telemetry is currently stale for this artifact.
Detected: suspicious.dangerous_exec, suspicious.env_credential_access, suspicious.install_untrusted_source
const r = spawnSync("ows", ["--version"], { encoding: "utf8", timeout: 5000 });const r = spawnSync("ows", ["--version"], { encoding: "utf8", timeout: 5000 });const token = process.env[this.cfg.owsRestApiKeyEnv];
const PORT = Number(process.env.PORT || 8787);
const token = process.env[this.cfg.owsRestApiKeyEnv];
"backendBaseUrl": "http://127.0.0.1:28080",
"default": "http://127.0.0.1:8080",