A
92/100 First Seen
Feb 18, 2026
Last Scanned
Feb 22, 2026
Findings
1
Score
92/100
MEDIUM 1
Findings (1)
MEDIUM
Environment variable credential in POST data
L65 Detects credential environment variables used as POST body data in network commands
send ... --private-key $ETH_PRIVATE_KEY FIX
Prevent the tool from accessing and transmitting system information (hostname, IP, OS version, running processes). Restrict system info access to what is strictly necessary.
FP?
Likely FP if the match is in a diagnostic or debug description where reporting system info to the user (not an external service) is intended.