yuque-document-management
Warn
Audited by Socket on May 18, 2026
1 alert found:
AnomalyAnomalyCleanData.cs
LOWAnomalyLOW
CleanData.cs
This module is not indicative of covert malware (no exfiltration, credential theft, obfuscation, or command execution observed). However, it is intentionally destructive and carries significant security/operational risk: it drops configured KV stores, deletes local cache/task JSON files under a configurable WorkingDir, deletes Qdrant collections by prefix, and performs an unscoped Neo4j DETACH DELETE of all nodes in the connected database. If run with incorrect configuration or in production, it can cause severe data loss; review for invocation controls (environment gating, confirmations, stricter scoping for Neo4j/files) before use.
Confidence: 70%Severity: 66%
Audit Metadata