Shell command execution detected (child_process).
Critical
- Code
- suspicious.dangerous_exec
- Location
- scripts/check_open_source_clean.cjs:39
- Evidence
return execFileSync('git', args, { encoding: 'utf8' }).trim();
Security audit
Security checks across malware telemetry and agentic risk
TeamChat appears to be a legitimate local chat workspace, but its server exposes sensitive tokens and workspace data through insufficiently protected endpoints.
Use TeamChat only in a trusted local environment unless you first harden the server. Set password authentication, bind it to localhost or place it behind access controls, do not configure real gateway tokens until the token endpoint is fixed, and treat the data directory as sensitive.
VirusTotal engine telemetry is currently stale for this artifact.
Detected: suspicious.dangerous_exec, suspicious.env_credential_access, suspicious.exposed_secret_literal
return execFileSync('git', args, { encoding: 'utf8' }).trim();const child = spawn(process.execPath, [serverFile], {const openclawHome = process.env.OPENCLAW_HOME || path.join(os.homedir(), '.openclaw');
const PORT = Number(process.env.PORT || 18788);
this.authToken = [REDACTED];
this.authToken = [REDACTED]();
this.authToken = [REDACTED];
this.authToken = [REDACTED]();
const password = [REDACTED]('password').value.trim();