Skillv2.1.4

Static analysis security

Web Search Pro · Deterministic local checks for risky code patterns and metadata mismatches.

ReviewApr 30, 2026, 4:57 AM

Summary: Detected: suspicious.env_credential_access, suspicious.potential_exfiltration
Reason codes: suspicious.env_credential_accesssuspicious.potential_exfiltration
Engine: v2.4.5

criticalscripts/crawl.mjs:118

Environment variable access combined with network send.

suspicious.env_credential_access

criticalscripts/engines/brave.mjs:71

Environment variable access combined with network send.

suspicious.env_credential_access

criticalscripts/engines/exa.mjs:8

Environment variable access combined with network send.

suspicious.env_credential_access

criticalscripts/engines/perplexity.mjs:9

Environment variable access combined with network send.

suspicious.env_credential_access

criticalscripts/engines/querit.mjs:14

Environment variable access combined with network send.

suspicious.env_credential_access

criticalscripts/engines/searxng.mjs:11

Environment variable access combined with network send.

suspicious.env_credential_access

criticalscripts/engines/serpapi.mjs:7

Environment variable access combined with network send.

suspicious.env_credential_access

criticalscripts/engines/serper.mjs:8

Environment variable access combined with network send.

suspicious.env_credential_access

criticalscripts/engines/tavily.mjs:8

Environment variable access combined with network send.

suspicious.env_credential_access

criticalscripts/engines/you.mjs:64

Environment variable access combined with network send.

suspicious.env_credential_access

criticalscripts/extract.mjs:125

Environment variable access combined with network send.

suspicious.env_credential_access

criticalscripts/lib/bootstrap.mjs:90

Environment variable access combined with network send.

suspicious.env_credential_access

criticalscripts/lib/config.mjs:487

Environment variable access combined with network send.

suspicious.env_credential_access

criticalscripts/lib/planner.mjs:882

Environment variable access combined with network send.

suspicious.env_credential_access

criticalscripts/lib/providers.mjs:455

Environment variable access combined with network send.

suspicious.env_credential_access

criticalscripts/map.mjs:103

Environment variable access combined with network send.

suspicious.env_credential_access

criticalscripts/review.mjs:85

Environment variable access combined with network send.

suspicious.env_credential_access

warnscripts/lib/config.mjs:117

File read combined with network send (possible exfiltration).

suspicious.potential_exfiltration

warnscripts/lib/health-state.mjs:82

File read combined with network send (possible exfiltration).

suspicious.potential_exfiltration