ddg

clawhub:ddg

View source

92/100

First Seen

Feb 18, 2026

Last Scanned

Feb 22, 2026

Findings

Score

92/100

MEDIUM 1

LOW 2

Findings (3)

MEDIUM

Shell profile modification for persistence EXTDL_005

external-download L107

Detects instructions to modify shell config files for environment persistence

Add to `~/.bashrc` or `~/.zshrc

FIX

Avoid modifying shell profiles (.bashrc, .zshrc, .profile) programmatically. Instruct users to add PATH entries manually, or use a version manager (nvm, pyenv) instead.

FP?

Likely FP if the match is documentation showing how to add a tool to PATH manually, especially if it only appends to PATH without modifying other settings.

LOW

System package manager install EXTDL_011

external-download L21

Detects system-level package installation via brew, apt, yum, or dnf

apt-get install d

FIX

Pin system packages to specific versions where the package manager supports it. Document the exact packages required and prefer containerized environments to avoid system-wide changes.

FP?

Likely FP if the match is standard setup documentation listing well-known system packages (e.g., apt install git curl) that are prerequisites.

LOW

Git clone and execute chain SUPPLY_012

supply-chain L26

Detects git clone of repositories followed by execution of cloned content

git clone https://github.com/jarun/ddgr.git + make install

FIX

Review the dependency tree for nested or transitive dependencies that introduce risk. Use tools like npm audit or pip-audit to identify known vulnerabilities in the dependency chain.

FP?

Likely FP if the flagged dependency is a standard, widely-used library with no known vulnerabilities at the time of scanning.