music-downloader
Audited by Socket on Jul 5, 2026
1 alert found:
AnomalyNo direct evidence of classic malware behaviors (networking, credential theft, backdoor execution, encoded payloads) exists in this fragment; the script is a filesystem automation tool. The dominant security concern is supply-chain/safety risk from treating externally supplied JSON as authoritative and not enforcing that plan-specified $source paths are contained within the configured library root. As a result, a tampered plan could move (and thereby relocate/disrupt) MP3 content from arbitrary locations into the library, and it can perform recursive forced deletions of root-contained targets when deleteExisting is enabled. If the plan file and parameters are not tightly controlled (e.g., obtained securely and integrity-verified), the overall risk is moderate to high for unintended or unauthorized filesystem changes.