Shell command execution detected (child_process).
- Code
- suspicious.dangerous_exec
- Location
- dist/gateway-watchdog.js:86
- Evidence
const child = spawn(input.command, input.args, {
Security audit
Security checks across malware telemetry and agentic risk
OrgX appears aligned with its memory and coordination purpose, but it adds persistent cross-agent state and broad local command execution that users should review carefully before installing.
Before installing, decide whether you want OrgX to store and sync organizational context across agents and sessions. Use it only in trusted workspaces, review the local credential/state files, verify dashboard and terminal-command protections, and enable MCP auto-configuration, managed agent suite provisioning, telemetry, or watchdog behavior only if you need them.
66/66 vendors flagged this plugin as clean.
Detected: suspicious.dangerous_exec, suspicious.env_credential_access, suspicious.exposed_secret_literal
const child = spawn(input.command, input.args, {const child = spawn("node", [scriptPath], {const result = spawnSync(trimmed, ["--version"], {const child = spawn(input.command, input.args, {cp.exec(command, (error) => {exec(cmd, (err) => {execFileSync(command, args, {process.env.ORGX_DISABLE_MCP_CLIENT_AUTOCONFIG !== "1") {const raw = process.env[name];
const raw = (process.env[name] ?? "").trim();
process.env.ORGX_LLM_API_KEY ?? "",
const explicitEnable = isTruthyEnv(process.env.ORGX_TELEMETRY_ENABLED);
apiKey: [REDACTED],
apiKey: [REDACTED],
const apiKey = [REDACTED];
const apiKey = [REDACTED]();