
Security Traps

2026/3/9

- `process.env` values are strings — `PORT=3000` is `"3000"`, parseInt needed
- Missing env var is `undefined` — no error, check explicitly on startup
- `eval()` with user input — remote code execution
- `exec(userInput)` — command injection, use `execFile` with args array
- Path traversal — `../../../etc/passwd`, validate with `path.resolve` + prefix check
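
An added example (not part of the original page) for the environment-variable and path-traversal items above. The helper names `requireEnv`, `parsePort` and `resolveInside`, and the `/srv/uploads` directory, are assumptions chosen for illustration.

```javascript
const path = require("node:path");

// Fail at startup when a variable is absent instead of carrying `undefined`.
function requireEnv(name, env = process.env) {
  const value = env[name];
  if (value === undefined || value === "") {
    throw new Error(`missing required environment variable ${name}`);
  }
  return value;
}

// Env values are strings. parseInt("3000abc", 10) returns 3000, so check
// that the whole string is digits before converting.
function parsePort(raw) {
  if (!/^\d{1,5}$/.test(raw)) throw new Error(`invalid port: ${raw}`);
  const port = Number.parseInt(raw, 10);
  if (port < 1 || port > 65535) throw new Error(`port out of range: ${raw}`);
  return port;
}

// Resolve userPath under baseDir; throw if the result leaves baseDir.
// Lexical check only: symlinks inside baseDir are not followed here.
function resolveInside(baseDir, userPath) {
  const base = path.resolve(baseDir);
  const target = path.resolve(base, userPath);
  // Compare against base plus a separator: a bare startsWith(base) would
  // accept a sibling directory such as /srv/uploads-old.
  const prefix = base.endsWith(path.sep) ? base : base + path.sep;
  if (target !== base && !target.startsWith(prefix)) {
    throw new Error(`path escapes ${base}: ${userPath}`);
  }
  return target;
}

// Constructed inputs; /srv/uploads is a hypothetical upload directory.
function demo() {
  const inputs = ["report.pdf", "../../../etc/passwd", "../uploads-old/x", "/etc/passwd"];
  return inputs.map((p) => {
    try { return [p, resolveInside("/srv/uploads", p)]; }
    catch (err) { return [p, "rejected"]; }
  });
}
```

If symlinks can exist under the base directory, run the same prefix check on the result of `fs.realpathSync` before opening the file.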


Resource info

Data source
bigquery-gharchive
Category
security
Created
2026/3/9
Updated
2026/4/26
