First Seen
Feb 18, 2026
Last Scanned
Feb 20, 2026
Findings
32
Score
92/100
Findings (32)
Detects privilege escalation patterns like setuid, chown root, or sudo with shell commands
sudo rm -rfAvoid depending on packages that could be subject to typosquatting or name confusion. Verify package ownership, check download counts, and audit the package source before adding dependencies.
Likely FP if the flagged package is a well-known, high-download-count package from a verified publisher.
Detects system-level package installation via brew, apt, yum, or dnf
brew install tPin system packages to specific versions where the package manager supports it. Document the exact packages required and prefer containerized environments to avoid system-wide changes.
Likely FP if the match is standard setup documentation listing well-known system packages (e.g., apt install git curl) that are prerequisites.
Detects tmux/screen send-keys used to inject commands into terminal sessions
tmux send-keys Avoid sending unsanitized user input to tmux/screen sessions via send-keys. Use a controlled command dispatch mechanism instead of injecting commands into terminal multiplexers.
Likely FP if the match is in documentation describing tmux/screen workflow automation for the user themselves, not controlled by an external agent.
Detects tmux/screen send-keys used to inject commands into terminal sessions
tmux send-keys Avoid sending unsanitized user input to tmux/screen sessions via send-keys. Use a controlled command dispatch mechanism instead of injecting commands into terminal multiplexers.
Likely FP if the match is in documentation describing tmux/screen workflow automation for the user themselves, not controlled by an external agent.
Detects tmux/screen send-keys used to inject commands into terminal sessions
tmux send-keys Avoid sending unsanitized user input to tmux/screen sessions via send-keys. Use a controlled command dispatch mechanism instead of injecting commands into terminal multiplexers.
Likely FP if the match is in documentation describing tmux/screen workflow automation for the user themselves, not controlled by an external agent.
Detects tmux/screen send-keys used to inject commands into terminal sessions
tmux send-keys Avoid sending unsanitized user input to tmux/screen sessions via send-keys. Use a controlled command dispatch mechanism instead of injecting commands into terminal multiplexers.
Likely FP if the match is in documentation describing tmux/screen workflow automation for the user themselves, not controlled by an external agent.
Detects tmux/screen send-keys used to inject commands into terminal sessions
tmux send-keys Avoid sending unsanitized user input to tmux/screen sessions via send-keys. Use a controlled command dispatch mechanism instead of injecting commands into terminal multiplexers.
Likely FP if the match is in documentation describing tmux/screen workflow automation for the user themselves, not controlled by an external agent.
Detects system-level package installation via brew, apt, yum, or dnf
brew install tPin system packages to specific versions where the package manager supports it. Document the exact packages required and prefer containerized environments to avoid system-wide changes.
Likely FP if the match is standard setup documentation listing well-known system packages (e.g., apt install git curl) that are prerequisites.
Detects tmux/screen send-keys used to inject commands into terminal sessions
tmux send-keys Avoid sending unsanitized user input to tmux/screen sessions via send-keys. Use a controlled command dispatch mechanism instead of injecting commands into terminal multiplexers.
Likely FP if the match is in documentation describing tmux/screen workflow automation for the user themselves, not controlled by an external agent.
Detects tmux/screen send-keys used to inject commands into terminal sessions
tmux send-keys Avoid sending unsanitized user input to tmux/screen sessions via send-keys. Use a controlled command dispatch mechanism instead of injecting commands into terminal multiplexers.
Likely FP if the match is in documentation describing tmux/screen workflow automation for the user themselves, not controlled by an external agent.
Detects tmux/screen send-keys used to inject commands into terminal sessions
tmux send-keys Avoid sending unsanitized user input to tmux/screen sessions via send-keys. Use a controlled command dispatch mechanism instead of injecting commands into terminal multiplexers.
Likely FP if the match is in documentation describing tmux/screen workflow automation for the user themselves, not controlled by an external agent.
Detects tmux/screen send-keys used to inject commands into terminal sessions
tmux send-keys Avoid sending unsanitized user input to tmux/screen sessions via send-keys. Use a controlled command dispatch mechanism instead of injecting commands into terminal multiplexers.
Likely FP if the match is in documentation describing tmux/screen workflow automation for the user themselves, not controlled by an external agent.
Detects tmux/screen send-keys used to inject commands into terminal sessions
tmux send-keys Avoid sending unsanitized user input to tmux/screen sessions via send-keys. Use a controlled command dispatch mechanism instead of injecting commands into terminal multiplexers.
Likely FP if the match is in documentation describing tmux/screen workflow automation for the user themselves, not controlled by an external agent.
Detects tmux/screen send-keys used to inject commands into terminal sessions
tmux send-keys Avoid sending unsanitized user input to tmux/screen sessions via send-keys. Use a controlled command dispatch mechanism instead of injecting commands into terminal multiplexers.
Likely FP if the match is in documentation describing tmux/screen workflow automation for the user themselves, not controlled by an external agent.
Detects tmux/screen send-keys used to inject commands into terminal sessions
tmux send-keys Avoid sending unsanitized user input to tmux/screen sessions via send-keys. Use a controlled command dispatch mechanism instead of injecting commands into terminal multiplexers.
Likely FP if the match is in documentation describing tmux/screen workflow automation for the user themselves, not controlled by an external agent.
Detects tmux/screen send-keys used to inject commands into terminal sessions
tmux send-keys Avoid sending unsanitized user input to tmux/screen sessions via send-keys. Use a controlled command dispatch mechanism instead of injecting commands into terminal multiplexers.
Likely FP if the match is in documentation describing tmux/screen workflow automation for the user themselves, not controlled by an external agent.
Detects tmux/screen send-keys used to inject commands into terminal sessions
tmux send-keys Avoid sending unsanitized user input to tmux/screen sessions via send-keys. Use a controlled command dispatch mechanism instead of injecting commands into terminal multiplexers.
Likely FP if the match is in documentation describing tmux/screen workflow automation for the user themselves, not controlled by an external agent.
Detects tmux/screen send-keys used to inject commands into terminal sessions
tmux send-keys Avoid sending unsanitized user input to tmux/screen sessions via send-keys. Use a controlled command dispatch mechanism instead of injecting commands into terminal multiplexers.
Likely FP if the match is in documentation describing tmux/screen workflow automation for the user themselves, not controlled by an external agent.
Detects tmux/screen send-keys used to inject commands into terminal sessions
tmux send-keys Avoid sending unsanitized user input to tmux/screen sessions via send-keys. Use a controlled command dispatch mechanism instead of injecting commands into terminal multiplexers.
Likely FP if the match is in documentation describing tmux/screen workflow automation for the user themselves, not controlled by an external agent.
Detects tmux/screen send-keys used to inject commands into terminal sessions
tmux send-keys Avoid sending unsanitized user input to tmux/screen sessions via send-keys. Use a controlled command dispatch mechanism instead of injecting commands into terminal multiplexers.
Likely FP if the match is in documentation describing tmux/screen workflow automation for the user themselves, not controlled by an external agent.
Detects tmux/screen send-keys used to inject commands into terminal sessions
tmux send-keys Avoid sending unsanitized user input to tmux/screen sessions via send-keys. Use a controlled command dispatch mechanism instead of injecting commands into terminal multiplexers.
Likely FP if the match is in documentation describing tmux/screen workflow automation for the user themselves, not controlled by an external agent.
Detects tmux/screen send-keys used to inject commands into terminal sessions
tmux send-keys Avoid sending unsanitized user input to tmux/screen sessions via send-keys. Use a controlled command dispatch mechanism instead of injecting commands into terminal multiplexers.
Likely FP if the match is in documentation describing tmux/screen workflow automation for the user themselves, not controlled by an external agent.
Detects tmux/screen send-keys used to inject commands into terminal sessions
tmux send-keys Avoid sending unsanitized user input to tmux/screen sessions via send-keys. Use a controlled command dispatch mechanism instead of injecting commands into terminal multiplexers.
Likely FP if the match is in documentation describing tmux/screen workflow automation for the user themselves, not controlled by an external agent.
Detects tmux/screen send-keys used to inject commands into terminal sessions
tmux send-keys Avoid sending unsanitized user input to tmux/screen sessions via send-keys. Use a controlled command dispatch mechanism instead of injecting commands into terminal multiplexers.
Likely FP if the match is in documentation describing tmux/screen workflow automation for the user themselves, not controlled by an external agent.
Detects tmux/screen send-keys used to inject commands into terminal sessions
tmux send-keys Avoid sending unsanitized user input to tmux/screen sessions via send-keys. Use a controlled command dispatch mechanism instead of injecting commands into terminal multiplexers.
Likely FP if the match is in documentation describing tmux/screen workflow automation for the user themselves, not controlled by an external agent.
Detects tmux/screen send-keys used to inject commands into terminal sessions
tmux send-keys Avoid sending unsanitized user input to tmux/screen sessions via send-keys. Use a controlled command dispatch mechanism instead of injecting commands into terminal multiplexers.
Likely FP if the match is in documentation describing tmux/screen workflow automation for the user themselves, not controlled by an external agent.
Detects tmux/screen send-keys used to inject commands into terminal sessions
tmux send-keys Avoid sending unsanitized user input to tmux/screen sessions via send-keys. Use a controlled command dispatch mechanism instead of injecting commands into terminal multiplexers.
Likely FP if the match is in documentation describing tmux/screen workflow automation for the user themselves, not controlled by an external agent.
Detects tmux/screen send-keys used to inject commands into terminal sessions
tmux send-keys Avoid sending unsanitized user input to tmux/screen sessions via send-keys. Use a controlled command dispatch mechanism instead of injecting commands into terminal multiplexers.
Likely FP if the match is in documentation describing tmux/screen workflow automation for the user themselves, not controlled by an external agent.
Detects tmux/screen send-keys used to inject commands into terminal sessions
tmux send-keys Avoid sending unsanitized user input to tmux/screen sessions via send-keys. Use a controlled command dispatch mechanism instead of injecting commands into terminal multiplexers.
Likely FP if the match is in documentation describing tmux/screen workflow automation for the user themselves, not controlled by an external agent.
Detects tmux/screen send-keys used to inject commands into terminal sessions
tmux send-keys Avoid sending unsanitized user input to tmux/screen sessions via send-keys. Use a controlled command dispatch mechanism instead of injecting commands into terminal multiplexers.
Likely FP if the match is in documentation describing tmux/screen workflow automation for the user themselves, not controlled by an external agent.
Detects tmux/screen send-keys used to inject commands into terminal sessions
tmux send-keys Avoid sending unsanitized user input to tmux/screen sessions via send-keys. Use a controlled command dispatch mechanism instead of injecting commands into terminal multiplexers.
Likely FP if the match is in documentation describing tmux/screen workflow automation for the user themselves, not controlled by an external agent.
Detects tmux/screen send-keys used to inject commands into terminal sessions
tmux send-keys Avoid sending unsanitized user input to tmux/screen sessions via send-keys. Use a controlled command dispatch mechanism instead of injecting commands into terminal multiplexers.
Likely FP if the match is in documentation describing tmux/screen workflow automation for the user themselves, not controlled by an external agent.