registry  /  @agentpager/cli  /  0.1.5

@agentpager/cli@0.1.5

⚠ Under review

AgentPager daemon — 手机遥控你电脑上的编程 Agent(Claude Code/Codex/Gemini 等 7 家)。配对后在微信小程序里实时查看会话、续聊、语音输入、发图。

Static Scan Results

scanned 8d ago · by rust-scanner

Static analysis flagged 18 finding(s) at 86.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
High-risk behavior combination matched malicious policy.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsEvalFilesystemNetworkWebSocket
Supply chain
HighEntropyStringsMinifiedObfuscatedUrlStrings
Manifest
NoLicense
scanned 1 file(s), 1.04 MB of source, external domains: api.anthropic.com, beacon.claude-ai.staging.ant.dev, claude-staging.fedstart.com, claude.ai, claude.com, claude.fedstart.com, docs.anthropic.com, docs.expo.dev, github.com, hooks.example.com, json-schema.org, mcp-proxy.anthropic.com, platform.claude.com, raw.githubusercontent.com, reviews.example.com, to50.cn, www.apple.com

Source & flagged code

8 flagged · loading source
dist/cli.jsView file
27`).filter(n=>n.startsWith("worktree ")).map(n=>Go(n.slice(9))):[]}catch{return[]}}function uL(e){let t=0;for(let r=0;r<e.length;r++)t=(t<<5)-t+e.charCodeAt(r)|0;return t}function d... L28: `).find(s=>s.includes('"parentUuid":'))??e,i=Wo(n,"sessionKind");return i==="daemon"||i==="daemon-worker"}function er(e){return typeof e!="string"?null:fL.test(e)?e:null}function z... L29: `)||await Lb(n,"drain");n.end(),await Lb(n,"finish")}catch(i){throw n.destroy(),i}}function F1(e){let t=0,r={commandFallback:""};for(;t<e.length;){let n=e.indexOf(` ... L38: `:`[${n[l]}\r L39: ]`;continue}i+=n[l],n[l]==="\\"?s=!0:a&&n[l]==="]"?a=!1:!a&&n[l]==="["&&(a=!0)}try{new RegExp(i)}catch{return console.warn(`Could not convert regex pattern at ${t.currentPath.join(... L40: `;try{s.appendFileSync(n,a)}catch{try{s.mkdirSync(vB(n)),s.appendFileSync(n,a)}catch{}}}function yB(){return process.env.CLAUDE_CODE_DIAGNOSTICS_FILE}function _B(e){let{buffer:t,by... ... L42: `,` L43: `),encoding:i,lineEndings:a}}function Jd(e){return wB(e).content}function TI(e){return e.startsWith("\uFEFF")?e.slice(1):e}function $B(e,{suffix:t="nodejs"}={}){if(typeof e!="strin... L44: `):e.streamInput(r).catch(i=>n.abort(i))}asy
Critical
Remote Asset Decode Execute

Source fetches a remote non-code asset, decodes its contents, and dynamically executes the decoded payload.

dist/cli.jsView on unpkg · L27
2Trigger-reachable chain: manifest.bin -> dist/cli.js L2: import{createRequire as __cr}from'node:module';const require=__cr(import.meta.url); L3: var UO=Object.create;var Sf=Object.defineProperty;var DO=Object.getOwnPropertyDescriptor;var LO=Object.getOwnPropertyNames;var zO=Object.getPrototypeOf,FO=Object.prototype.hasOwnPr... L4: `)[0],r=t.match(nT);return r?r[0]:t.slice(0,24)}async function aT(e){if(If.has(e))return If.get(e);let t=iT[e]||e,r="";try{let{stdout:n}=await eT(t,["--version"],{timeout:3e3});r=s... L5: `).join(`\r
Critical
Trigger Reachable Dangerous Capability

A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.

dist/cli.jsView on unpkg · L2
2import{createRequire as __cr}from'node:module';const require=__cr(import.meta.url); L3: var UO=Object.create;var Sf=Object.defineProperty;var DO=Object.getOwnPropertyDescriptor;var LO=Object.getOwnPropertyNames;var zO=Object.getPrototypeOf,FO=Object.prototype.hasOwnPr... L4: `)[0],r=t.match(nT);return r?r[0]:t.slice(0,24)}async function aT(e){if(If.has(e))return If.get(e);let t=iT[e]||e,r="";try{let{stdout:n}=await eT(t,["--version"],{timeout:3e3});r=s...
High
Child Process

Package source references child process execution.

dist/cli.jsView on unpkg · L2
98`))}St(`[Query.streamInput] Finished processing ${r} messages from input stream`),r>0&&this.hasBidirectionalNeeds()&&(St("[Query.streamInput] Has bidirectional needs, waiting for f... L99: `)).catch(i=>{St(`[Query.sendMcpServerMessageToCli] Transport write failed: ${i}`,{level:"error"})})}handleMcpControlRequest(t,r,n){let i="id"in r.message?r.message.id:null,s=`${t}... L100: `).filter(s=>s),n=Math.min(...r.map(s=>s.length-s.trimStart().length)),i=r.map(s=>s.slice(n)).map(s=>" ".repeat(this.indent*2)+s);for(let s of i)this.content.push(s)}compile(){let ...
High
Eval

Package source references dynamic code evaluation.

dist/cli.jsView on unpkg · L98
2import{createRequire as __cr}from'node:module';const require=__cr(import.meta.url); L3: var UO=Object.create;var Sf=Object.defineProperty;var DO=Object.getOwnPropertyDescriptor;var LO=Object.getOwnPropertyNames;var zO=Object.getPrototypeOf,FO=Object.prototype.hasOwnPr... L4: `)[0],r=t.match(nT);return r?r[0]:t.slice(0,24)}async function aT(e){if(If.has(e))return If.get(e);let t=iT[e]||e,r="";try{let{stdout:n}=await eT(t,["--version"],{timeout:3e3});r=s...
High
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution; review context before blocking.

dist/cli.jsView on unpkg · L2
2import{createRequire as __cr}from'node:module';const require=__cr(import.meta.url); L3: var UO=Object.create;var Sf=Object.defineProperty;var DO=Object.getOwnPropertyDescriptor;var LO=Object.getOwnPropertyNames;var zO=Object.getPrototypeOf,FO=Object.prototype.hasOwnPr... L4: `)[0],r=t.match(nT);return r?r[0]:t.slice(0,24)}async function aT(e){if(If.has(e))return If.get(e);let t=iT[e]||e,r="";try{let{stdout:n}=await eT(t,["--version"],{timeout:3e3});r=s... L5: `).join(`\r
High
Command Output Exfiltration

Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.

dist/cli.jsView on unpkg · L2
2import{createRequire as __cr}from'node:module';const require=__cr(import.meta.url); L3: var UO=Object.create;var Sf=Object.defineProperty;var DO=Object.getOwnPropertyDescriptor;var LO=Object.getOwnPropertyNames;var zO=Object.getPrototypeOf,FO=Object.prototype.hasOwnPr... L4: `)[0],r=t.match(nT);return r?r[0]:t.slice(0,24)}async function aT(e){if(If.has(e))return If.get(e);let t=iT[e]||e,r="";try{let{stdout:n}=await eT(t,["--version"],{timeout:3e3});r=s... L5: `).join(`\r ... L9: \r L10: `+r)}function ls(e,t,r,n,i,s){if(e.listenerCount("wsClientError")){let a=new Error(i);Error.captureStackTrace(a,ls),e.emit("wsClientError",a,r,t)}else ao(r,n,i,s)}});var U0=Rt((zG,... L11: `).map((o,l)=>({sign:"+",n:l+1,text:o}));return{path:i,verb:n,add:a.length,del:0,hunks:[{lines:a}]}}return{path:i,verb:n,...Xf(s)}}function s_(e,t){let r=String(t||"").replace(/\n$... ... L19: `))>=0;){let n=this._buf.slice(0,r);if(this._buf=this._buf.slice(r+1),!n.trim())continue;let i;try{i=JSON.parse(n)}catch{continue}if(i.id!=null&&(i.result!==void 0||i.error!==void ... L20: `).map(k=>k.trim()).filter(Boolean).slice(-3).join(" ");/not logged in|unauthor|login|sign in/i.test(c)?(r&&r("\u26A0\uFE0F \u672A\u7
Medium
Install Persistence

Source writes installer persistence such as shell profile or service configuration.

dist/cli.jsView on unpkg · L2
2import{createRequire as __cr}from'node:module';const require=__cr(import.meta.url); L3: var UO=Object.create;var Sf=Object.defineProperty;var DO=Object.getOwnPropertyDescriptor;var LO=Object.getOwnPropertyNames;var zO=Object.getPrototypeOf,FO=Object.prototype.hasOwnPr... L4: `)[0],r=t.match(nT);return r?r[0]:t.slice(0,24)}async function aT(e){if(If.has(e))return If.get(e);let t=iT[e]||e,r="";try{let{stdout:n}=await eT(t,["--version"],{timeout:3e3});r=s... L5: `).join(`\r ... L9: \r L10: `+r)}function ls(e,t,r,n,i,s){if(e.listenerCount("wsClientError")){let a=new Error(i);Error.captureStackTrace(a,ls),e.emit("wsClientError",a,r,t)}else ao(r,n,i,s)}});var U0=Rt((zG,... L11: `).map((o,l)=>({sign:"+",n:l+1,text:o}));return{path:i,verb:n,add:a.length,del:0,hunks:[{lines:a}]}}return{path:i,verb:n,...Xf(s)}}function s_(e,t){let r=String(t||"").replace(/\n$... ... L19: `))>=0;){let n=this._buf.slice(0,r);if(this._buf=this._buf.slice(r+1),!n.trim())continue;let i;try{i=JSON.parse(n)}catch{continue}if(i.id!=null&&(i.result!==void 0||i.error!==void ... L20: `).map(k=>k.trim()).filter(Boolean).slice(-3).join(" ");/not logged in|unauthor|login|sign in/i.test(c)?(r&&r("\u26A0\uFE0F \u672A\u7
Low
Weak Crypto

Package source references weak cryptographic algorithms.

dist/cli.jsView on unpkg · L2

Findings

2 Critical4 High4 Medium8 Low
CriticalRemote Asset Decode Executedist/cli.js
CriticalTrigger Reachable Dangerous Capabilitydist/cli.js
HighChild Processdist/cli.js
HighEvaldist/cli.js
HighSame File Env Network Executiondist/cli.js
HighCommand Output Exfiltrationdist/cli.js
MediumNetwork
MediumEnvironment Vars
MediumInstall Persistencedist/cli.js
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowWeak Cryptodist/cli.js
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings
LowNo License