cybercentry-wallet-verification

clawhub:cybercentry-wallet-verification

View source

100/100

First Seen

Feb 18, 2026

Last Scanned

Feb 22, 2026

Findings

Score

100/100

LOW 5

Findings (5)

LOW

Shell script file execution CMDEXEC_013

command-execution L268

Detects execution of shell script files via bash/sh command or direct invocation

./reject-payment.sh

FIX

Replace direct shell script execution with a language-native implementation or a sandboxed executor. If shell scripts must run, restrict them to a vetted allowlist with integrity checks.

FP?

Likely FP if the match references running a script that is part of the skill's own repository (e.g., ./setup.sh) with clear, auditable contents.

LOW

Shell script file execution CMDEXEC_013

command-execution L273

Detects execution of shell script files via bash/sh command or direct invocation

./process-payment.sh

FIX

Replace direct shell script execution with a language-native implementation or a sandboxed executor. If shell scripts must run, restrict them to a vetted allowlist with integrity checks.

FP?

Likely FP if the match references running a script that is part of the skill's own repository (e.g., ./setup.sh) with clear, auditable contents.

LOW

Shell script file execution CMDEXEC_013

command-execution L278

Detects execution of shell script files via bash/sh command or direct invocation

./queue-for-review.sh

FIX

Replace direct shell script execution with a language-native implementation or a sandboxed executor. If shell scripts must run, restrict them to a vetted allowlist with integrity checks.

FP?

Likely FP if the match references running a script that is part of the skill's own repository (e.g., ./setup.sh) with clear, auditable contents.

LOW

Shell script file execution CMDEXEC_013

command-execution L420

Detects execution of shell script files via bash/sh command or direct invocation

./process-deposit.sh

FIX

Replace direct shell script execution with a language-native implementation or a sandboxed executor. If shell scripts must run, restrict them to a vetted allowlist with integrity checks.

FP?

Likely FP if the match references running a script that is part of the skill's own repository (e.g., ./setup.sh) with clear, auditable contents.

LOW

Shell script file execution CMDEXEC_013

command-execution L443

Detects execution of shell script files via bash/sh command or direct invocation

./create-listing.sh

FIX

Replace direct shell script execution with a language-native implementation or a sandboxed executor. If shell scripts must run, restrict them to a vetted allowlist with integrity checks.

FP?

Likely FP if the match references running a script that is part of the skill's own repository (e.g., ./setup.sh) with clear, auditable contents.