app.js rule:javascript.lang.security.detect-non-literal-require.detect-non-literal-require: Detected the use of require(variable). Calling require with a non-literal argument might allow an attacker to load an run arbitrary code, or access arbitrary files. Details: https://sg.run/zvNn 151: const route = require( `${dir}/${fname}` ); executors/javascript/executor.js rule:javascript.lang.security.detect-eval-with-expression.detect-eval-with-expression: Detected eval(variable), which could allow a malicious actor to run arbitrary code. Details: https://sg.run/6nwK 102: eval( functionTemplate ); // eslint-disable-line no-eval executors/python3/executor.py rule:python.lang.security.audit.exec-detected.exec-detected: Detected the use of exec(). exec() can be dangerous if used to evaluate dynamic content. If this content can be input from outside the program, this may be a code injection vulnerability. Ensure evaluated content is not definable by external sources. Details: https://sg.run/ndRX 86: exec( 87: _FUNCTION_TEMPLATE.format( 88: function_name=function_name, 89: argument_list=",".join(argument_names), 90: implementation=implementation, 91: return_value=return_value, 92: ), 93: { 94: "_RESULT_CACHE": _RESULT_CACHE, 95: "ZPair": utils.ZPair, -------- [hid 9 additional lines, adjust with --max-lines-per-finding] --------- src/subprocess.js rule:javascript.lang.security.detect-child-process.detect-child-process: Detected non-literal calls to $EXEC(). This could lead to a command injection vulnerability. Details: https://sg.run/l2lo 12: const process = spawn( binary, args, options ); ran 245 rules on 106 files: 4 findings :...nt/abs-wiki/function-evaluator [maste