First Seen
Feb 18, 2026
Last Scanned
Feb 22, 2026
Findings
4
Score
100/100
Findings (4)
Detects global installation of packages which affects the host system
npm install -g gReplace npm install -g with a local install (npm install --save-dev) or use npx with a pinned version. Global installs modify the system and risk supply chain attacks.
Likely FP if the global install is for a well-known CLI tool (e.g., typescript, eslint) in setup documentation, though the supply chain risk remains real.
Detects URLs fetched at runtime that control or influence agent behavior without pinning
load https:// + templateAvoid loading configuration or behavior-controlling content from runtime URLs. Bundle required configurations locally or pin remote config to versioned, integrity-verified endpoints.
Likely FP if the URL in the match is a documentation link or example URL (e.g., example.com) rather than an actual runtime-fetched configuration endpoint.
Detects references to raw.githubusercontent.com on mutable branches like main/master
github.com/user/repo/blob/main/README.mdReplace GitHub raw.githubusercontent.com references with pinned commit SHAs instead of branch names (e.g., /commit-sha/file instead of /main/file). Branch references are mutable.
Likely FP if the raw GitHub URL points to a versioned release tag in a well-known repository, though even tags are technically mutable.
Detects references to raw.githubusercontent.com on mutable branches like main/master
github.com/org/configs/blob/main/.eslintrc.jsonReplace GitHub raw.githubusercontent.com references with pinned commit SHAs instead of branch names (e.g., /commit-sha/file instead of /main/file). Branch references are mutable.
Likely FP if the raw GitHub URL points to a versioned release tag in a well-known repository, though even tags are technically mutable.