Line Execution Checker

Warn

Audited by Socket on May 31, 2026

1 alert found:

Security
SecurityMEDIUM
line_checker.cpp

No clear evidence of overt malware (no network activity, data theft, or persistence) in the provided fragment. However, the code contains a high-impact command-injection vulnerability: it runs `system("gcov " + source_file + ... )` where `source_file` is derived from untrusted command-line input and is inserted into a shell command without sanitization/quoting. This makes the tool dangerous in untrusted or adversarial CI/workspace contexts.

Confidence: 84%Severity: 92%
Audit Metadata
Analyzed At
May 31, 2026, 12:33 AM
Package URL
pkg:socket/skills-sh/gadievron%2Fraptor%2Fline-execution-checker%2F@c6d96986d10068ba4e82e45482d542f3a08e6060
Security Audit — socket — Line Execution Checker