critical
suspicious.env_credential_access
- Location
- tests/malicious-obfuscated/optimize.js:4
- Finding
- Environment variable access combined with network send.
Yoder Skill Auditor
AdvisoryAudited by Static analysis on May 10, 2026.
Overview
Detected: suspicious.env_credential_access, suspicious.potential_exfiltration, suspicious.prompt_injection_instructions
Findings (7)
critical
suspicious.env_credential_access
- Location
- tests/malicious-timebomb/scheduler.js:6
- Finding
- Environment variable access combined with network send.
critical
suspicious.potential_exfiltration
- Location
- audit.sh:327
- Finding
- Shell script base64-encodes a local file and sends it over the network.
warn
suspicious.potential_exfiltration
- Location
- tests/malicious-obfuscated/optimize.js:4
- Finding
- Sensitive-looking file read is paired with a network send.
warn
suspicious.potential_exfiltration
- Location
- tests/malicious-timebomb/scheduler.js:6
- Finding
- Sensitive-looking file read is paired with a network send.
warn
suspicious.prompt_injection_instructions
- Location
- CHANGELOG.md:20
- Finding
- Prompt-injection style instruction pattern detected.
warn
suspicious.prompt_injection_instructions
- Location
- tests/malicious-prompt-injection/SKILL.md:5
- Finding
- Prompt-injection style instruction pattern detected.