imagine
Warn
Audited by Socket on Jun 23, 2026
1 alert found:
AnomalyAnomalyscripts/generate.js
LOWAnomalyLOW
scripts/generate.js
No strong indicators of intentional malware within this module (no eval/Function, no remote exfiltration to external domains, and no credential harvesting/persistence). However, the module does execute external code via runtime `npx openai-oauth` (supply-chain risk) and can disrupt local services by killing processes on a fixed port. It also records the full user prompt and output metadata to a local JSONL history file and writes decoded base64 images to a directory derived from user/config inputs without path sanitization, which can increase local-file-write and privacy risk in a misused context.
Confidence: 62%Severity: 55%
Audit Metadata