=========================================
Variant Analysis: GHSA-hmh4-3xvx-q5hr
Testing potential bypasses and variants
=========================================

Vulnerable version: /root/.pruva/runs/ghsa-hmh4-3xvx-q5hr_20260220-144417/repro/deno
deno 2.6.7 (stable, release, x86_64-unknown-linux-gnu)

Downloading fixed Deno v2.6.8 for comparison...
Fixed version: /tmp/deno_fixed_binary
deno 2.6.8 (stable, release, x86_64-unknown-linux-gnu)

=========================================

VARIANT 1: File parameter injection (when no args provided)
-----------------------------------------------------------
Testing if malicious shell commands in the 'file' parameter
can be exploited when args array is empty

Testing on vulnerable version...
  Running test...
VARIANT 1 VULNERABLE: File parameter injection worked
  RESULT: BLOCKED - marker file not created