Safety notes
Verified with notes
Git-backed checkpoints and rewind/redo for bad agent edits.
Static scan findings
This is a first-pass static screen, not a formal audit. It flags patterns worth reading before install.
MEDIUM · spawn_shell
AGENTS.md
- Git (via `child_process.spawn`, no shell injection)
- `pi.exec()` — Execute git commands
- Use `spawn()` for git commands, never `exec()` with shell
MEDIUM · token_access
tests/e2e.sh
echo "secret data" > ignored/secret.txt
assert "ignored/secret.txt still on disk" "[ -f '$TEST_DIR/ignored/secret.txt' ]"
MEDIUM · spawn_shell
src/core.ts
import { spawn } from "child_process";
const proc = spawn("git", args, {
MEDIUM · token_access
docs/planning/2026-02-24/codex-research-report.md
tokens used
Package scripts captured
No package scripts captured.