Policy Layer (CBS) + Security Layers

AdvisoryAudited by Static analysis on May 19, 2026.

Overview

Detected: suspicious.exposed_secret_literal, suspicious.nonstandard_network

Findings (2)

critical

suspicious.exposed_secret_literal

Location: tests/unit/security.test.ts:202
Finding: File appears to expose a hardcoded API secret or token.
Evidence: const { redacted } = redactSecrets('Authorization: Bearer [REDACTED]');

warn

suspicious.nonstandard_network

Location: tests/integration/hook-simulation.test.ts:187
Finding: WebSocket connection to non-standard port detected.
Evidence: const ws = new WebSocket('ws://127.0.0.1:18789/acp', {