clawkeep

clawhub:clawkeep

View source

100/100

First Seen

Feb 19, 2026

Last Scanned

Feb 22, 2026

Findings

Score

100/100

LOW 2

Findings (2)

LOW

Global package installation EXTDL_004

external-download L14

Detects global installation of packages which affects the host system

npm install -g c

FIX

Replace npm install -g with a local install (npm install --save-dev) or use npx with a pinned version. Global installs modify the system and risk supply chain attacks.

FP?

Likely FP if the global install is for a well-known CLI tool (e.g., typescript, eslint) in setup documentation, though the supply chain risk remains real.

LOW

Non-standard port communication EXFIL_010

exfiltration L117

Detects outbound connections to non-standard ports

nc --interval 10000

FIX

Restrict network connections to standard ports (80, 443) and explicitly allowlisted service ports. Block connections to unusual ports that could indicate covert channels.

FP?

Likely FP if the non-standard port is localhost (127.0.0.1) used for local development servers (e.g., port 3000, 8080, 5432 for a local database).