git-hooks-setup

skills-sh:aj-geddes_useful-ai-prompts__git-hooks-setup

View source

68/100

First Seen

Feb 18, 2026

Last Scanned

Feb 20, 2026

Findings

Score

68/100

MEDIUM 4

Findings (4)

MEDIUM

Node.js child process execution CMDEXEC_004

command-execution L62

Detects Node.js child_process methods for command execution

execSync('

FIX

Use execFile() or spawn() with explicit argument arrays instead of exec() with a shell string. Validate all inputs before passing to child_process methods.

FP?

Likely FP if the match is in a README code example or package.json script field that runs a well-known CLI tool (e.g., eslint, tsc).

MEDIUM

Node.js child process execution CMDEXEC_004

command-execution L74

Detects Node.js child_process methods for command execution

execSync(`

FIX

Use execFile() or spawn() with explicit argument arrays instead of exec() with a shell string. Validate all inputs before passing to child_process methods.

FP?

Likely FP if the match is in a README code example or package.json script field that runs a well-known CLI tool (e.g., eslint, tsc).

MEDIUM

Node.js child process execution CMDEXEC_004

command-execution L78

Detects Node.js child_process methods for command execution

execSync(`

FIX

Use execFile() or spawn() with explicit argument arrays instead of exec() with a shell string. Validate all inputs before passing to child_process methods.

FP?

Likely FP if the match is in a README code example or package.json script field that runs a well-known CLI tool (e.g., eslint, tsc).

MEDIUM

Node.js child process execution CMDEXEC_004

command-execution L82

Detects Node.js child_process methods for command execution

execSync(`

FIX

Use execFile() or spawn() with explicit argument arrays instead of exec() with a shell string. Validate all inputs before passing to child_process methods.

FP?

Likely FP if the match is in a README code example or package.json script field that runs a well-known CLI tool (e.g., eslint, tsc).