registry  /  @agent-native/core  /  0.84.53

@agent-native/core@0.84.53

⚠ Under review

Framework for agent-native application development — where AI agents and UI share SQL state, actions, and context

Static Scan Results

scanned 4d ago · by rust-scanner

Static analysis flagged 40 finding(s) at 86.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
High-risk behavior combination matched malicious policy.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsEvalFilesystemNativeBindingsNetworkShellWebSocket
Supply chain
HighEntropyStringsMinifiedTelemetryUrlStrings
ManifestNo manifest risk signals triggered.
scanned 5,017 file(s), 43.2 MB of source, external domains: 127.0.0.1, accounts.google.com, agent-native-artifact.invalid, agent-native.com, agent-native.invalid, agent-native.local, aistudio.google.com, amplitude.com, an.invalid, analytics.agent-native.com, analytics.example.com, analytics.google.com, analyticsdata.googleapis.com, api.anthropic.com, api.apollo.io, api.brandfetch.io, api.builder.io, api.commonroom.io, api.dataforseo.com, api.exa.ai, api.example.com, api.figma.com, api.firecrawl.dev, api.github.com, api.gong.io, api.groq.com, api.hubapi.com, api.logo.dev, api.mixpanel.com, api.notion.com, api.openai.com, api.resend.com, api.search.brave.com, api.sendgrid.com, api.slack.com, api.stripe.com, api.tavily.com, api.telegram.org, api.twitterapi.io, api.usepylon.com, api.zoom.us, api2.amplitude.com, apis.google.com, apolloio.github.io, app.amplitude.com, app.apollo.io, app.dataforseo.com, app.gong.io, app.hubspot.com, app.posthog.com

Source & flagged code

32 flagged · loading source
dist/server/onboarding-html.jsView file
70patternName = generic_password severity = medium line = 70 matchedText = password...rd",
Medium
Secret Pattern

Package contains a possible secret pattern.

dist/server/onboarding-html.jsView on unpkg · L70
330patternName = generic_password severity = medium line = 330 matchedText = password...ña",
Medium
Secret Pattern

Hardcoded password in dist/server/onboarding-html.js

dist/server/onboarding-html.jsView on unpkg · L330
416patternName = generic_password severity = medium line = 416 matchedText = password...se",
Medium
Secret Pattern

Hardcoded password in dist/server/onboarding-html.js

dist/server/onboarding-html.jsView on unpkg · L416
502patternName = generic_password severity = medium line = 502 matchedText = password...rt",
Medium
Secret Pattern

Hardcoded password in dist/server/onboarding-html.js

dist/server/onboarding-html.jsView on unpkg · L502
932patternName = generic_password severity = medium line = 932 matchedText = password...ور",
Medium
Secret Pattern

Hardcoded password in dist/server/onboarding-html.js

dist/server/onboarding-html.jsView on unpkg · L932
bin/agent-native.jsView file
2L3: import { spawn } from "node:child_process"; L4: import { existsSync } from "node:fs";
High
Child Process

Package source references child process execution.

bin/agent-native.jsView on unpkg · L2
11if (existsSync(distEntry)) { L12: await import(pathToFileURL(distEntry).href); L13: } else {
Medium
Dynamic Require

Package source references dynamic require/import behavior.

bin/agent-native.jsView on unpkg · L11
dist/coding-tools/index.jsView file
307cwd, L308: shell: true, L309: stdio: ["pipe", "pipe", "pipe"],
High
Shell

Package source references shell execution.

dist/coding-tools/index.jsView on unpkg · L307
dist/server/prompts/framework-core.jsView file
35const securityRule = hasDatabaseWrites L36: ? "7. **Security** — Always use `defineAction` with a Zod `schema:` for input validation. Never construct SQL with string concatenation — use parameterized queries via db-query/db-... L37: : hasDatabaseTools
High
Eval

Package source references dynamic code evaluation.

dist/server/prompts/framework-core.jsView on unpkg · L35
corpus/core/src/cli/migrate.tsView file
16const __filename = fileURLToPath(import.meta.url); L17: const __dirname = path.dirname(__filename); L18: ... L32: "COHERE_API_KEY", L33: "BUILDER_PRIVATE_KEY", L34: ]; ... L86: redirects: Array<Record<string, unknown>>; L87: metadata: Record<string, unknown>; L88: }; ... L592: ` App: ${appDir}`, L593: ` URL: http://localhost:${MIGRATION_DEV_PORT}/`, L594: "",
Low
Weak Crypto

Package source references weak cryptographic algorithms.

corpus/core/src/cli/migrate.tsView on unpkg · L16
dist/terminal/pty-server.jsView file
84} L85: export async function createPtyWebSocketServer(options = {}) { L86: const { appDir = process.cwd(), command: defaultCommand = "claude", port = 0, authCheck, logPrefix = "[terminal]", } = options; ... L90: const resolvedAppDir = path.resolve(appDir); L91: const shell = os.platform() === "win32" ? "cmd.exe" : process.env.SHELL || "/bin/zsh"; L92: const server = createHttpServer((req, res) => {
High
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution; review context before blocking.

dist/terminal/pty-server.jsView on unpkg · L84
dist/cli/pr-visual-recap-workflow.jsView file
7*/ L8: export const PR_VISUAL_RECAP_WORKFLOW_YML = 'name: PR Visual Recap\n\n# Visual code review: a coding agent runs the repo\'s visual-recap skill over the\n# PR diff, publishes a plan... L9: //# sourceMappingURL=pr-visual-recap-workflow.js.map
Critical
Credential Exfiltration

Source appears to send environment or credential material to an external endpoint.

dist/cli/pr-visual-recap-workflow.jsView on unpkg · L7
7Trigger-reachable chain: manifest.exports -> dist/cli/skills.js -> dist/cli/recap.js -> dist/cli/pr-visual-recap-workflow.js L7: */ L8: export const PR_VISUAL_RECAP_WORKFLOW_YML = 'name: PR Visual Recap\n\n# Visual code review: a coding agent runs the repo\'s visual-recap skill over the\n# PR diff, publishes a plan... L9: //# sourceMappingURL=pr-visual-recap-workflow.js.map
Critical
Trigger Reachable Dangerous Capability

A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.

dist/cli/pr-visual-recap-workflow.jsView on unpkg · L7
dist/server/design-token-utils.jsView file
3* L4: * Pure functions for parsing Tailwind configs, CSS files, package.json, L5: * documents, and URLs to extract colors, fonts, spacing, border-radius, ... L129: throw new Error("Could not parse GitHub owner/repo from URL. " + L130: 'Expected format: "https://github.com/org/repo", "org/repo", or "git@github.com:org/repo.git"'); L131: } ... L150: try { L151: const body = (await res.json()); L152: if (typeof body.message === "string") ... L164: } L165: return { ok: false, status: res.status, data: null, message }; L166: }
High
Cloud Metadata Access

Source reaches cloud instance metadata or link-local credential endpoints.

dist/server/design-token-utils.jsView on unpkg · L3
dist/server/action-discovery.jsView file
198package = @agent-native/core; repositoryIdentity = agent-native; dependency = jiti L198: throw err; L199: const { createJiti } = await import("jiti"); L200: const jiti = createJiti(pathToFileURL(filePath).href, {
High
Copied Package Dependency Bridge

Package metadata claims a different repository identity while copied source loads a runtime dependency bridge.

dist/server/action-discovery.jsView on unpkg · L198
dist/cli/index.jsView file
1Cross-file remote execution chain: dist/cli/index.js spawns dist/deploy/build.js; helper contains network access plus dynamic code execution. L1: #!/usr/bin/env node L2: import { execSync, spawn } from "child_process"; L3: import fs from "fs"; ... L9: try { L10: const __dirname = path.dirname(fileURLToPath(import.meta.url)); L11: // dist/cli/index.js → ../../package.json L12: const pkg = JSON.parse(fs.readFileSync(path.resolve(__dirname, "../../package.json"), "utf-8")); L13: _version = pkg.version; ... L24: console.error(`agent-native requires Node.js ${REQUIRED_NODE_MAJOR} or newer, but you're on Node ${process.versions.node}.\n` + L25: `Upgrade Node (https://nodejs.org) and re-run. With nvm: \`nvm install ${REQUIRED_NODE_MAJOR}\`.`); L26: process.exit(1); ... L111: }
High
Cross File Remote Execution Context

Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.

dist/cli/index.jsView on unpkg · L1
corpus/core/src/server/onboarding-html.tsView file
93patternName = generic_password severity = medium line = 93 matchedText = password...rd",
Medium
Secret Pattern

Hardcoded password in corpus/core/src/server/onboarding-html.ts

corpus/core/src/server/onboarding-html.tsView on unpkg · L93
367patternName = generic_password severity = medium line = 367 matchedText = password...ña",
Medium
Secret Pattern

Hardcoded password in corpus/core/src/server/onboarding-html.ts

corpus/core/src/server/onboarding-html.tsView on unpkg · L367
464patternName = generic_password severity = medium line = 464 matchedText = password...se",
Medium
Secret Pattern

Hardcoded password in corpus/core/src/server/onboarding-html.ts

corpus/core/src/server/onboarding-html.tsView on unpkg · L464
562patternName = generic_password severity = medium line = 562 matchedText = password...rt",
Medium
Secret Pattern

Hardcoded password in corpus/core/src/server/onboarding-html.ts

corpus/core/src/server/onboarding-html.tsView on unpkg · L562
1037patternName = generic_password severity = medium line = 1037 matchedText = password...ور",
Medium
Secret Pattern

Hardcoded password in corpus/core/src/server/onboarding-html.ts

corpus/core/src/server/onboarding-html.tsView on unpkg · L1037
corpus/templates/clips/app/i18n/fr-FR.tsView file
1329patternName = generic_password severity = medium line = 1329 matchedText = password...se",
Medium
Secret Pattern

Hardcoded password in corpus/templates/clips/app/i18n/fr-FR.ts

corpus/templates/clips/app/i18n/fr-FR.tsView on unpkg · L1329
corpus/templates/clips/app/i18n/ar-SA.tsView file
1303patternName = generic_password severity = medium line = 1303 matchedText = password...ور",
Medium
Secret Pattern

Hardcoded password in corpus/templates/clips/app/i18n/ar-SA.ts

corpus/templates/clips/app/i18n/ar-SA.tsView on unpkg · L1303
corpus/templates/clips/app/i18n/de-DE.tsView file
1335patternName = generic_password severity = medium line = 1335 matchedText = password...rt",
Medium
Secret Pattern

Hardcoded password in corpus/templates/clips/app/i18n/de-DE.ts

corpus/templates/clips/app/i18n/de-DE.tsView on unpkg · L1335
corpus/templates/clips/app/i18n/en-US.tsView file
1296patternName = generic_password severity = medium line = 1296 matchedText = password...rd",
Medium
Secret Pattern

Hardcoded password in corpus/templates/clips/app/i18n/en-US.ts

corpus/templates/clips/app/i18n/en-US.tsView on unpkg · L1296
corpus/templates/clips/app/i18n/es-ES.tsView file
1327patternName = generic_password severity = medium line = 1327 matchedText = password...ña",
Medium
Secret Pattern

Hardcoded password in corpus/templates/clips/app/i18n/es-ES.ts

corpus/templates/clips/app/i18n/es-ES.tsView on unpkg · L1327
corpus/templates/plan/app/i18n/fr-FR.tsView file
472patternName = generic_password severity = medium line = 472 matchedText = password...se",
Medium
Secret Pattern

Hardcoded password in corpus/templates/plan/app/i18n/fr-FR.ts

corpus/templates/plan/app/i18n/fr-FR.tsView on unpkg · L472
corpus/templates/plan/app/i18n/ar-SA.tsView file
639patternName = generic_password severity = medium line = 639 matchedText = password...ور",
Medium
Secret Pattern

Hardcoded password in corpus/templates/plan/app/i18n/ar-SA.ts

corpus/templates/plan/app/i18n/ar-SA.tsView on unpkg · L639
corpus/templates/plan/app/i18n/de-DE.tsView file
651patternName = generic_password severity = medium line = 651 matchedText = password...rt",
Medium
Secret Pattern

Hardcoded password in corpus/templates/plan/app/i18n/de-DE.ts

corpus/templates/plan/app/i18n/de-DE.tsView on unpkg · L651
corpus/templates/plan/app/i18n/en-US.tsView file
628patternName = generic_password severity = medium line = 628 matchedText = password...rd",
Medium
Secret Pattern

Hardcoded password in corpus/templates/plan/app/i18n/en-US.ts

corpus/templates/plan/app/i18n/en-US.tsView on unpkg · L628
corpus/templates/plan/app/i18n/es-ES.tsView file
470patternName = generic_password severity = medium line = 470 matchedText = password...ña",
Medium
Secret Pattern

Hardcoded password in corpus/templates/plan/app/i18n/es-ES.ts

corpus/templates/plan/app/i18n/es-ES.tsView on unpkg · L470
corpus/templates/analytics/server/lib/demo-source.tsView file
28patternName = generic_password severity = medium line = 28 matchedText = password...RD",
Medium
Secret Pattern

Hardcoded password in corpus/templates/analytics/server/lib/demo-source.ts

corpus/templates/analytics/server/lib/demo-source.tsView on unpkg · L28

Findings

2 Critical7 High25 Medium6 Low
CriticalCredential Exfiltrationdist/cli/pr-visual-recap-workflow.js
CriticalTrigger Reachable Dangerous Capabilitydist/cli/pr-visual-recap-workflow.js
HighChild Processbin/agent-native.js
HighShelldist/coding-tools/index.js
HighEvaldist/server/prompts/framework-core.js
HighSame File Env Network Executiondist/terminal/pty-server.js
HighCloud Metadata Accessdist/server/design-token-utils.js
HighCopied Package Dependency Bridgedist/server/action-discovery.js
HighCross File Remote Execution Contextdist/cli/index.js
MediumSecret Patterndist/server/onboarding-html.js
MediumDynamic Requirebin/agent-native.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
MediumSecret Patterndist/server/onboarding-html.js
MediumSecret Patterndist/server/onboarding-html.js
MediumSecret Patterndist/server/onboarding-html.js
MediumSecret Patterndist/server/onboarding-html.js
MediumSecret Patterncorpus/core/src/server/onboarding-html.ts
MediumSecret Patterncorpus/core/src/server/onboarding-html.ts
MediumSecret Patterncorpus/core/src/server/onboarding-html.ts
MediumSecret Patterncorpus/core/src/server/onboarding-html.ts
MediumSecret Patterncorpus/core/src/server/onboarding-html.ts
MediumSecret Patterncorpus/templates/clips/app/i18n/fr-FR.ts
MediumSecret Patterncorpus/templates/clips/app/i18n/ar-SA.ts
MediumSecret Patterncorpus/templates/clips/app/i18n/de-DE.ts
MediumSecret Patterncorpus/templates/clips/app/i18n/en-US.ts
MediumSecret Patterncorpus/templates/clips/app/i18n/es-ES.ts
MediumSecret Patterncorpus/templates/plan/app/i18n/fr-FR.ts
MediumSecret Patterncorpus/templates/plan/app/i18n/ar-SA.ts
MediumSecret Patterncorpus/templates/plan/app/i18n/de-DE.ts
MediumSecret Patterncorpus/templates/plan/app/i18n/en-US.ts
MediumSecret Patterncorpus/templates/plan/app/i18n/es-ES.ts
MediumSecret Patterncorpus/templates/analytics/server/lib/demo-source.ts
LowScripts Present
LowWeak Cryptocorpus/core/src/cli/migrate.ts
LowFilesystem
LowHigh Entropy Strings
LowTelemetry
LowUrl Strings