push-notification-tester
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns detected. The code performs its stated function using standard industry practices.
- [COMMAND_EXECUTION]: The scripts send-ios-push.js and send-android-push.js include logic to run 'npm install' via child_process.execSync if dependencies are missing. This is a common pattern for self-contained script utilities and targets the official NPM registry.
- [CREDENTIALS_UNSAFE]: The scripts process sensitive local files like .pem certificates and .json service accounts. This access is authorized by the user through command-line arguments and is required for the tool's primary purpose of sending authenticated push notifications.
Audit Metadata