In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsLearn about Arbitrary Argument Injection vulnerabilities in an interactive lesson.
Start learningUpgrade @grackle-ai/powerline to version 0.133.0 or higher.
@grackle-ai/powerline is a gRPC PowerLine server for Grackle AI agent integration
Affected versions of this package are vulnerable to Arbitrary Argument Injection via unsanitized input to the branch parameter in the SpawnSession process. An attacker can execute arbitrary commands as the application user on provisioned environments by supplying crafted branch names that are concatenated into a shell command without proper validation.