langgraph

[Skill Scanner] Installation of third-party script detected All findings: [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] Benign: The fragment is a high-level, feature-rich documentation artifact for a graph-based AI workflow framework. Its described capabilities and data flows are coherent with the stated purpose and do not reveal malicious behavior or misalignment between claims and actions. Some patterns (e.g., issuing API calls, using environment-based credentials, potential eval usage in examples) require standard secure practices in real deployments, but there is no inherent malicious activity detected in the fragment itself. LLM verification: This Skill appears to implement its stated purpose (stateful, multi-agent LLM workflows) and does not contain clear, intentional malicious code in the provided fragment. The primary security concerns are: (1) accidental exfiltration of sensitive data because nodes receive full state and prompts are sent to an external LLM (ChatAnthropic) without shown redaction or allow-listing; (2) supply-chain risk from unpinned pip install instructions in the docs; and (3) incomplete documentation about where