clawpulse

clawhub:clawpulse

Score: 92/100 (A)
First Seen: Feb 20, 2026
Last Scanned: Feb 22, 2026
Findings: 2 (MEDIUM 1, LOW 1)

Findings (2)

MEDIUM: Cron or scheduled command execution (L47)

Detects cron jobs or scheduled tasks that execute commands

cron jobs for auto-push

FIX: Validate cron expressions and scheduled commands against an allowlist. Ensure scheduled tasks cannot be modified by untrusted input and log all cron job changes.

FP? Likely FP if the match is a documentation reference to crontab syntax or a short mention of cron in a description of scheduling concepts.

LOW: Global package installation (L19)

Detects global installation of packages which affects the host system

npm install -g o

FIX: Replace npm install -g with a local install (npm install --save-dev) or use npx with a pinned version. Global installs modify the system and risk supply chain attacks.

FP? Likely FP if the global install is for a well-known CLI tool (e.g., typescript, eslint) in setup documentation, though the supply chain risk remains real.