critical
suspicious.dangerous_exec
- Location
- dist/outbound-payload.test-harness-B8N8U_AA.js:3440
- Finding
- Shell command execution detected (child_process).
- Evidence
const parts = /(.+?)(?::(\d+))?(?::(\d+))?$/.exec(urlLike.replace(/^\(|\)$/g, ""));
Openclaw Slack 2026.5.19.Tgz
AdvisoryAudited by Static analysis on May 20, 2026.
Overview
Detected: suspicious.dangerous_exec, suspicious.dynamic_code_execution
Findings (2)
critical
suspicious.dynamic_code_execution
- Location
- dist/outbound-payload.test-harness-B8N8U_AA.js:10036
- Finding
- Dynamic code execution detected.
- Evidence
new Function("exports", snapshotContents)(data);