Openclaw Msteams 2026.5.19.Tgz

AdvisoryAudited by Static analysis on May 20, 2026.

Overview

Detected: suspicious.exposed_secret_literal

Findings (5)

critical

suspicious.exposed_secret_literal

Location: dist/graph-users-ChPPxUzD.js:636
Finding: File appears to expose a hardcoded API secret or token.
Evidence: clientSecret: [REDACTED],

critical

suspicious.exposed_secret_literal

Location: dist/oauth-DsVj42gA.js:83
Finding: File appears to expose a hardcoded API secret or token.
Evidence: clientSecret: [REDACTED],

critical

suspicious.exposed_secret_literal

Location: dist/oauth.token-mUfXUE0j.js:27
Finding: File appears to expose a hardcoded API secret or token.
Evidence: client_secret: [REDACTED],

critical

suspicious.exposed_secret_literal

Location: dist/setup-surface-CVdYNhQt.js:504
Finding: File appears to expose a hardcoded API secret or token.
Evidence: clientSecret: [REDACTED]

critical

suspicious.exposed_secret_literal

Location: dist/src-D8GFAqC_.js:1083
Finding: File appears to expose a hardcoded API secret or token.
Evidence: accessToken: [REDACTED],