Open Privacy Scan

Snapshot: commit 25d22f8
engine v2
2026-07-01T13:45:17.693420+00:00

No application data leak found

No high-confidence exfiltration was found in application code.

App Privacy Score

97/100
Low privacy risk

Low risk · 59 finding(s)

Dependency score: 100 (Low risk)

Score Breakdown

env_fs −3

Scan Summary

0 high, 0 medium, 59 low
First-party packages: 1
Dependency packages: 0
Ecosystem: npm

Application data flows

No high- or medium-confidence application data-flow findings in this scan.

First-Party Code

first-party (npm)

59 low-confidence finding(s)
low env_fs production #b4f0e7df6e6faec0 Filesystem access.
repo/bin/install.js:18
const fs = require('fs');

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fc444d23ecf56ba8 Environment-variable access.
repo/bin/install.js:36
const PINNED_REF = process.env.CAVEMAN_REF || 'v1.9.0';

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #577f4e47c1a8139e Environment-variable access.
repo/bin/install.js:158
  const useColor = !noColor && process.stdout.isTTY && !process.env.NO_COLOR;

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7fc80c3ea1905251 Environment-variable access.
repo/bin/install.js:171
  if (process.env.WSL_DISTRO_NAME) {

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6c6fceed70c6453c Environment-variable access.
repo/bin/install.js:174
        '         (WSL_DISTRO_NAME=' + process.env.WSL_DISTRO_NAME + ')');

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3f9f0964219779ff Filesystem access.
repo/bin/install.js:177
    const v = fs.readFileSync('/proc/version', 'utf8').toLowerCase();

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #80d01684d21675fb Environment-variable access.
repo/bin/install.js:583
  if (process.env.XDG_CONFIG_HOME) return path.join(process.env.XDG_CONFIG_HOME, 'opencode');

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b73740847a148117 Filesystem access.
repo/bin/install.js:678
      fs.writeFileSync(dest, stripOpencodeAgentTools(fs.readFileSync(src, 'utf8')));

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0407d9ccdc299dda Filesystem access.
repo/bin/install.js:698
    const ruleBody = fs.readFileSync(path.join(repoRoot, 'src', 'rules', 'caveman-activate.md'), 'utf8').trimEnd() + '\n';

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #770a405194c42cac Filesystem access.
repo/bin/install.js:701
      const existing = fs.readFileSync(agentsMd, 'utf8');

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #79c24849096f7893 Filesystem access.
repo/bin/install.js:714
          fs.writeFileSync(agentsMd, fencedBlock, { mode: 0o644 });

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #00ed6195f999f57f Filesystem access.
repo/bin/install.js:719
        fs.writeFileSync(agentsMd, existing + sep + fencedBlock, { mode: 0o644 });

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f68be119ab29582f Filesystem access.
repo/bin/install.js:723
      fs.writeFileSync(agentsMd, fencedBlock, { mode: 0o644 });

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #17ee841681259b2c Environment-variable access.
repo/bin/install.js:788
    workspace: process.env.OPENCLAW_WORKSPACE || undefined,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #61597dd7a9be319f Filesystem access.
repo/bin/install.js:1012
  return crypto.createHash('sha256').update(fs.readFileSync(p)).digest('hex');

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d78dab79d9f70f0a Filesystem access.
repo/bin/install.js:1025
    const txt = fs.readFileSync(tmp, 'utf8');

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #184f10e2b20c9143 Filesystem access.
repo/bin/install.js:1147
      const body = fs.readFileSync(ocAgentsMd, 'utf8');

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #97e956c9d48d8241 Filesystem access.
repo/bin/install.js:1159
            fs.writeFileSync(ocAgentsMd, next, { mode: 0o644 });

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #86edd939980eb7e2 Environment-variable access.
repo/bin/install.js:1180
  const ocwWs = process.env.OPENCLAW_WORKSPACE || path.join(os.homedir(), '.openclaw', 'workspace');

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #892306a7bfbb5a90 Environment-variable access.
repo/bin/install.js:1298
  const configDir = opts.configDir || process.env.CLAUDE_CONFIG_DIR || path.join(os.homedir(), '.claude');

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #de9bcc1deb656533 Filesystem access.
repo/bin/lib/openclaw.js:25
const fs = require('fs');

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a27760bdafe54a26 Filesystem access.
repo/bin/lib/openclaw.js:41
  try { return fs.readFileSync(p, 'utf8'); } catch (_) { return null; }

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6601de68384aa65f Filesystem access.
repo/bin/lib/openclaw.js:131
  fs.writeFileSync(soulPath, next, { mode: 0o644 });

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #eb7820cf055d61a7 Filesystem access.
repo/bin/lib/openclaw.js:153
  fs.writeFileSync(soulPath, next, { mode: 0o644 });

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #81c9a7a184f80239 Filesystem access.
repo/bin/lib/openclaw.js:189
  fs.writeFileSync(skillFile, merged, { mode: 0o644 });

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #109d6cc6f563593d Filesystem access.
repo/bin/lib/settings.js:20
const fs = require('fs');

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #47cf340c0a3d92fb Filesystem access.
repo/bin/lib/settings.js:72
  try { raw = fs.readFileSync(p, 'utf8'); }

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #12c67e2b71122402 Filesystem access.
repo/bin/lib/settings.js:92
  fs.writeFileSync(tmp, JSON.stringify(obj, null, 2) + '\n', { mode: 0o600 });

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #740ea4a31f934941 Environment-variable access.
repo/bin/lib/settings.js:294
  if (process.env.CLAUDE_CONFIG_DIR) return process.env.CLAUDE_CONFIG_DIR;

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0c8415c65edd5860 Filesystem access.
repo/src/hooks/caveman-activate.js:9
const fs = require('fs');

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6dac35c9e71edc09 Environment-variable access.
repo/src/hooks/caveman-activate.js:14
const claudeDir = process.env.CLAUDE_CONFIG_DIR || path.join(os.homedir(), '.claude');

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bb4aca6905e745bb Filesystem access.
repo/src/hooks/caveman-activate.js:55
  skillContent = fs.readFileSync(
    path.join(__dirname, '..', 'skills', 'caveman', 'SKILL.md'), 'utf8'
  );

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e9a35ba8a1ed1cac Filesystem access.
repo/src/hooks/caveman-activate.js:117
    const settings = JSON.parse(fs.readFileSync(settingsPath, 'utf8'));

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5fc6c3230c2b6d6f Filesystem access.
repo/src/hooks/caveman-config.js:18
const fs = require('fs');

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bec8f24f459a0a19 Environment-variable access.
repo/src/hooks/caveman-config.js:29
  if (process.env.XDG_CONFIG_HOME) {

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8b4baae45447a6b9 Environment-variable access.
repo/src/hooks/caveman-config.js:30
    return path.join(process.env.XDG_CONFIG_HOME, 'caveman');

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #734581db3c550dab Environment-variable access.
repo/src/hooks/caveman-config.js:34
      process.env.APPDATA || path.join(os.homedir(), 'AppData', 'Roaming'),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0b7a9c484d59c7ad Filesystem access.
repo/src/hooks/caveman-config.js:78
    const raw = fs.readFileSync(configPath, 'utf8');

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d1cb74349b3960f9 Environment-variable access.
repo/src/hooks/caveman-config.js:92
  const envMode = process.env.CAVEMAN_DEFAULT_MODE;

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fa4164cd155f6416 Environment-variable access.
repo/src/hooks/caveman-config.js:133
  const debug = process.env.CAVEMAN_DEBUG === '1';

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #16f14e406ac72fed Environment-variable access.
repo/src/hooks/caveman-config.js:250
  const debug = process.env.CAVEMAN_DEBUG === '1';

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3456710ee7a2b5e7 Filesystem access.
repo/src/hooks/caveman-config.js:315
      raw = fs.readFileSync(fd, 'utf8');

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #229412ab94f556a7 Filesystem access.
repo/src/hooks/caveman-mode-tracker.js:5
const fs = require('fs');

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8a1c479ae21da815 Environment-variable access.
repo/src/hooks/caveman-mode-tracker.js:15
const claudeDir = process.env.CLAUDE_CONFIG_DIR || path.join(os.homedir(), '.claude');

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a385e6d8cf61785e Filesystem access.
repo/src/hooks/caveman-stats.js:10
const fs = require('fs');

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #081e0f8107ee79ce Filesystem access.
repo/src/hooks/caveman-stats.js:80
  try { raw = fs.readFileSync(filePath, 'utf8'); }

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #504c7f07d0fd7049 Environment-variable access.
repo/src/hooks/caveman-stats.js:288
  const claudeDir = process.env.CLAUDE_CONFIG_DIR || path.join(os.homedir(), '.claude');

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #616b99c611b75f22 Environment-variable access.
repo/src/mcp-servers/caveman-shrink/index.js:39
const debug = process.env.CAVEMAN_SHRINK_DEBUG === '1';

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #66e9c9723119aaef Environment-variable access.
repo/src/mcp-servers/caveman-shrink/index.js:40
const fields = (process.env.CAVEMAN_SHRINK_FIELDS || 'description')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8e5c6fde5df6815d Filesystem access.
repo/src/plugins/opencode/plugin.js:63
  const code = readFileSync(target, 'utf8').replace(/^#![^\n]*\n/, '');

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #daa001da23e710b4 Environment-variable access.
repo/src/plugins/opencode/plugin.js:82
  if (process.env.XDG_CONFIG_HOME) {

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7c70f668abcb3ea7 Environment-variable access.
repo/src/plugins/opencode/plugin.js:83
    return path.join(process.env.XDG_CONFIG_HOME, 'opencode');

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f5d3748c6d3f69b2 Filesystem access.
repo/src/tools/caveman-init.js:13
const fs = require('fs');

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4b6ac66c9f3e7242 Filesystem access.
repo/src/tools/caveman-init.js:77
    if (fs.existsSync(local)) return fs.readFileSync(local, 'utf8').trimEnd() + '\n';

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #22a60fabdc797166 Filesystem access.
repo/src/tools/caveman-init.js:92
      fs.writeFileSync(fullPath, agent.frontmatter + ruleBody, { mode: 0o644 });

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #973019000bdc209f Filesystem access.
repo/src/tools/caveman-init.js:97
  const existing = fs.readFileSync(fullPath, 'utf8');

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b78a100a526be903 Filesystem access.
repo/src/tools/caveman-init.js:105
      fs.writeFileSync(fullPath, existing + sep + ruleBody, { mode: 0o644 });

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #274d055a4e6e91ac Filesystem access.
repo/src/tools/caveman-init.js:112
      fs.writeFileSync(fullPath, agent.frontmatter + ruleBody, { mode: 0o644 });

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4742529139e1415d Environment-variable access.
repo/src/tools/caveman-init.js:136
    workspace: process.env.OPENCLAW_WORKSPACE || undefined,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.