Skip to main content

Browse the directory

Showing 3 resources for "subprocess"
Saved
Active

Select entries to compare install and trust signals side by side.

Trust snapshot

3 results in this view

Safety notes
100%(3/3)
Privacy notes
100%(3/3)
Reviewed
100%(3/3)
Source-backed
100%(3/3)
Claimed
0%(0/3)

2 trust signals differ in this sample: Source provenance, Submitter

Signals differ on Source provenance, Submitter — add entries to compare before you install.

Rollout signal scan

1 rollout risk signal in current results

Biggest gaps: package integrity. 0 entries have 2+ required gaps.

3 scanned

Source provenance

Source provenance is broadly covered in current results.

good

100% (3/3)

Metadata review

Metadata review is broadly covered in current results.

good

100% (3/3)

Safety notes

Safety notes is broadly covered in current results.

good

100% (3/3)

Privacy notes

Privacy notes is broadly covered in current results.

good

100% (3/3)

Package integrity

Package integrity is sparse; verify before rollout decisions.

risk

0% (0/3)

Install payload

Install payload is broadly covered in current results.

good

100% (3/3)

Adoption queue

Browse adoption queue · balanced

0/3 visible results are ready for staged adoption under this preset.

ready 0caution 3hold 0

AI-Generated OS Command Injection Review Rules

No required blockers for this preset.

caution

64/100

Collect package checksum or signed artifact information.

rules/ai-generated-command-injection-review-rules · trust review · confidence 83%

Decision confidence

Decision confidence scan · balanced

0/3 results are high-confidence for the selected preset.

high 0medium 3low 0

Freshness distribution

Current results are broadly fresh

Median age 30 days; all 3 scanned entries are within 90 days.

median 30d

Fresh

≤ 30 days

67%

2 entries

Recent

31–90 days

33%

1 entry

Aging

91–180 days

0%

0 entries

Stale

> 180 days

0%

0 entries

Theme distribution

Themes are broadly spread across this view

15 distinct themes with no dominant one. Most common: agent-sdk, ai-generated-code, argument-injection.

Diverse

15 distinct themes across 3 scanned

rulesReview firstSource-backedReview firstClaude Code

Source-backed rules for reviewing AI-generated code that builds or runs operating-system commands, shell invocations, or subprocesses before merge for command injection and argument injection risk, covering library alternatives to shelling out, array-form process APIs, allowlist input validation, and least-privilege execution.

Safety Privacy
skillsReview firstSource-backedReview firstClaude CodeCodex

Expert capability pack for Agent SDK OpenTelemetry export using CLAUDE_CODE_ENABLE_TELEMETRY, OTLP exporters, and monitoring-usage reference variables documented for Claude Code CLI subprocesses.

Level:expertType:capability-packVerified:validated
Safety Privacy
guidesReview firstSource-backedReview firstClaude Code

Choose MCP transports for Claude Code and Agent SDK apps: stdio subprocesses, HTTP, SSE streams, WebSocket tradeoffs, timeouts, and enterprise network constraints.

Safety Privacy