Skip to main content

Browse the directory

Showing 2 resources for "command-injection"
Saved
Active

Rollout signal scan

1 rollout risk signal in current results

Biggest gaps: package integrity. 0 entries have 2+ required gaps.

2 scanned

Source provenance

Source provenance is broadly covered in current results.

good

100% (2/2)

Metadata review

Metadata review is broadly covered in current results.

good

100% (2/2)

Safety notes

Safety notes is broadly covered in current results.

good

100% (2/2)

Privacy notes

Privacy notes is broadly covered in current results.

good

100% (2/2)

Package integrity

Package integrity is sparse; verify before rollout decisions.

risk

0% (0/2)

Install payload

Install payload is broadly covered in current results.

good

100% (2/2)

Adoption queue

Browse adoption queue · balanced

0/2 visible results are ready for staged adoption under this preset.

ready 0caution 2hold 0

AI-Generated OS Command Injection Review Rules

No required blockers for this preset.

caution

64/100

Collect package checksum or signed artifact information.

rules/ai-generated-command-injection-review-rules · trust review · confidence 83%

Decision confidence

Decision confidence scan · balanced

0/2 results are high-confidence for the selected preset.

high 0medium 2low 0

Freshness distribution

Current results are broadly fresh

Median age 22 days; all 2 scanned entries are within 90 days.

median 22d

Fresh

≤ 30 days

50%

1 entry

Recent

31–90 days

50%

1 entry

Aging

91–180 days

0%

0 entries

Stale

> 180 days

0%

0 entries

rulesReview firstSource-backedReview firstClaude Code

Source-backed rules for reviewing AI-generated code that builds or runs operating-system commands, shell invocations, or subprocesses before merge for command injection and argument injection risk, covering library alternatives to shelling out, array-form process APIs, allowlist input validation, and least-privilege execution.

Safety Privacy
rulesReview firstSource-backedReview firstClaude Code

Source-backed rules for AI coding agents that propose, compose, review, or run shell commands during coding sessions where quoting, expansion, command injection, file writes, network calls, and destructive operations can cause harm.

Safety Privacy