B
85/100 First Seen
Feb 19, 2026
Last Scanned
Feb 22, 2026
Findings
1
Score
85/100
HIGH 1
Findings (1)
HIGH
Node.js child process execution
L192 Detects Node.js child_process methods for command execution
child_process.exec( FIX
Use execFile() or spawn() with explicit argument arrays instead of exec() with a shell string. Validate all inputs before passing to child_process methods.
FP?
Likely FP if the match is in a README code example or package.json script field that runs a well-known CLI tool (e.g., eslint, tsc).