Ignore own process in root Node process check

npm-security-check.sh

@@ -108,12 +108,18 @@ else
         # Check if each root process is inside a Docker cgroup (normal)
         while IFS= read -r proc; do
             PID=$(echo "$proc" | awk '{print $2}')
+            CMD=$(cat /proc/"$PID"/cmdline 2>/dev/null | tr '\0' ' ' || echo 'unreadable')
+            # Skip this script's own process
+            if echo "$CMD" | grep -qF "npm-security-check.sh"; then
+                ok "PID $PID is this script running — not a threat"
+                continue
+            fi
             CGROUP=$(cat /proc/"$PID"/cgroup 2>/dev/null | grep -c "docker" || true)
             if [[ "$CGROUP" -gt 0 ]]; then
                 ok "PID $PID runs as root but is inside a Docker container (normal)"
             else
                 warn "PID $PID is a root Node process outside Docker — review manually"
-                log "  Command: $(cat /proc/"$PID"/cmdline 2>/dev/null | tr '\0' ' ' || echo 'unreadable')"
+                log "  Command: $CMD"
             fi
         done <<< "$ROOT_PROCS"
     else