A
92/100 First Seen
Feb 18, 2026
Last Scanned
Feb 22, 2026
Findings
1
Score
92/100
MEDIUM 1
Findings (1)
MEDIUM
Node.js child process execution
L144 Detects Node.js child_process methods for command execution
require("child_process").execSync( FIX
Use execFile() or spawn() with explicit argument arrays instead of exec() with a shell string. Validate all inputs before passing to child_process methods.
FP?
Likely FP if the match is in a README code example or package.json script field that runs a well-known CLI tool (e.g., eslint, tsc).