Skillv1.1.0

Static analysis security

小红书 MCP 服务 · Deterministic local checks for risky code patterns and metadata mismatches.

ReviewApr 30, 2026, 5:14 AM

Summary: Detected: suspicious.dangerous_exec, suspicious.env_credential_access
Reason codes: suspicious.dangerous_execsuspicious.env_credential_access
Engine: v2.4.5

criticalscripts/ensure-service.js:48

Shell command execution detected (child_process).

suspicious.dangerous_exec

criticalscripts/ensure-service.js:15

Environment variable access combined with network send.

suspicious.env_credential_access