registry  /  @agentpager/cli  /  0.2.4

@agentpager/cli@0.2.4

⚠ Under review

AgentPager daemon — 手机遥控你电脑上的编程 Agent(Claude Code/Codex/Gemini 等 7 家)。配对后在微信小程序里实时查看会话、续聊、语音输入、发图。

Static Scan Results

scanned 2d ago · by rust-scanner

Static analysis flagged 16 finding(s) at 86.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
High-risk behavior combination matched malicious policy.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsEvalFilesystemNetworkWebSocket
Supply chain
HighEntropyStringsMinifiedUrlStrings
ManifestNo manifest risk signals triggered.
scanned 1 file(s), 1.05 MB of source, external domains: api.anthropic.com, beacon.claude-ai.staging.ant.dev, claude-staging.fedstart.com, claude.ai, claude.com, claude.fedstart.com, docs.anthropic.com, docs.expo.dev, github.com, hooks.example.com, json-schema.org, mcp-proxy.anthropic.com, platform.claude.com, raw.githubusercontent.com, reviews.example.com, to50.cn, www.apple.com

Source & flagged code

8 flagged · loading source
dist/cli.jsView file
29`).filter(n=>n.startsWith("worktree ")).map(n=>tl(n.slice(9))):[]}catch{return[]}}function jL(t){let e=0;for(let r=0;r<t.length;r++)e=(e<<5)-e+t.charCodeAt(r)|0;return e}function M... L30: `).find(s=>s.includes('"parentUuid":'))??t,i=Xo(n,"sessionKind");return i==="daemon"||i==="daemon-worker"}function er(t){return typeof t!="string"?null:UL.test(t)?t:null}function n... L31: `)||await iw(n,"drain");n.end(),await iw(n,"finish")}catch(i){throw n.destroy(),i}}function sS(t){let e=0,r={commandFallback:""};for(;e<t.length;){let n=t.indexOf(` ... L40: `:`[${n[l]}\r L41: ]`;continue}i+=n[l],n[l]==="\\"?s=!0:a&&n[l]==="]"?a=!1:!a&&n[l]==="["&&(a=!0)}try{new RegExp(i)}catch{return console.warn(`Could not convert regex pattern at ${e.currentPath.join(... L42: `;try{s.appendFileSync(n,a)}catch{try{s.mkdirSync(qB(n)),s.appendFileSync(n,a)}catch{}}}function BB(){return process.env.CLAUDE_CODE_DIAGNOSTICS_FILE}function ZB(t){let{buffer:e,by... ... L44: `,` L45: `),encoding:i,lineEndings:a}}function af(t){return HB(t).content}function GI(t){return t.startsWith("\uFEFF")?t.slice(1):t}function JB(t,{suffix:e="nodejs"}={}){if(typeof t!="strin... L46: `):t.streamInput(r).catch(i=>n.abort(i))}asy
Critical
Remote Asset Decode Execute

Source fetches a remote non-code asset, decodes its contents, and dynamically executes the decoded payload.

dist/cli.jsView on unpkg · L29
2Trigger-reachable chain: manifest.bin -> dist/cli.js L2: import{createRequire as __cr}from'node:module';const require=__cr(import.meta.url); L3: var sO=Object.create;var Nf=Object.defineProperty;var aO=Object.getOwnPropertyDescriptor;var oO=Object.getOwnPropertyNames;var lO=Object.getPrototypeOf,uO=Object.prototype.hasOwnPr... L4: `)[0],r=e.match(TO);return r?r[0]:e.slice(0,24)}async function CO(t){if(Uf.has(t))return Uf.get(t);let e=PO[t]||t,r="";try{let{stdout:n}=await xO(e,["--version"],{timeout:3e3});r=O... L5: `).join(`\r
Critical
Trigger Reachable Dangerous Capability

A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.

dist/cli.jsView on unpkg · L2
2import{createRequire as __cr}from'node:module';const require=__cr(import.meta.url); L3: var sO=Object.create;var Nf=Object.defineProperty;var aO=Object.getOwnPropertyDescriptor;var oO=Object.getOwnPropertyNames;var lO=Object.getPrototypeOf,uO=Object.prototype.hasOwnPr... L4: `)[0],r=e.match(TO);return r?r[0]:e.slice(0,24)}async function CO(t){if(Uf.has(t))return Uf.get(t);let e=PO[t]||t,r="";try{let{stdout:n}=await xO(e,["--version"],{timeout:3e3});r=O...
High
Child Process

Package source references child process execution.

dist/cli.jsView on unpkg · L2
100`))}xt(`[Query.streamInput] Finished processing ${r} messages from input stream`),r>0&&this.hasBidirectionalNeeds()&&(xt("[Query.streamInput] Has bidirectional needs, waiting for f... L101: `)).catch(i=>{xt(`[Query.sendMcpServerMessageToCli] Transport write failed: ${i}`,{level:"error"})})}handleMcpControlRequest(e,r,n){let i="id"in r.message?r.message.id:null,s=`${e}... L102: `).filter(s=>s),n=Math.min(...r.map(s=>s.length-s.trimStart().length)),i=r.map(s=>s.slice(n)).map(s=>" ".repeat(this.indent*2)+s);for(let s of i)this.content.push(s)}compile(){let ...
High
Eval

Package source references dynamic code evaluation.

dist/cli.jsView on unpkg · L100
2import{createRequire as __cr}from'node:module';const require=__cr(import.meta.url); L3: var sO=Object.create;var Nf=Object.defineProperty;var aO=Object.getOwnPropertyDescriptor;var oO=Object.getOwnPropertyNames;var lO=Object.getPrototypeOf,uO=Object.prototype.hasOwnPr... L4: `)[0],r=e.match(TO);return r?r[0]:e.slice(0,24)}async function CO(t){if(Uf.has(t))return Uf.get(t);let e=PO[t]||t,r="";try{let{stdout:n}=await xO(e,["--version"],{timeout:3e3});r=O...
High
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution; review context before blocking.

dist/cli.jsView on unpkg · L2
2import{createRequire as __cr}from'node:module';const require=__cr(import.meta.url); L3: var sO=Object.create;var Nf=Object.defineProperty;var aO=Object.getOwnPropertyDescriptor;var oO=Object.getOwnPropertyNames;var lO=Object.getPrototypeOf,uO=Object.prototype.hasOwnPr... L4: `)[0],r=e.match(TO);return r?r[0]:e.slice(0,24)}async function CO(t){if(Uf.has(t))return Uf.get(t);let e=PO[t]||t,r="";try{let{stdout:n}=await xO(e,["--version"],{timeout:3e3});r=O... L5: `).join(`\r
High
Command Output Exfiltration

Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.

dist/cli.jsView on unpkg · L2
2import{createRequire as __cr}from'node:module';const require=__cr(import.meta.url); L3: var sO=Object.create;var Nf=Object.defineProperty;var aO=Object.getOwnPropertyDescriptor;var oO=Object.getOwnPropertyNames;var lO=Object.getPrototypeOf,uO=Object.prototype.hasOwnPr... L4: `)[0],r=e.match(TO);return r?r[0]:e.slice(0,24)}async function CO(t){if(Uf.has(t))return Uf.get(t);let e=PO[t]||t,r="";try{let{stdout:n}=await xO(e,["--version"],{timeout:3e3});r=O... L5: `).join(`\r ... L9: \r L10: `+r)}function fs(t,e,r,n,i,s){if(t.listenerCount("wsClientError")){let a=new Error(i);Error.captureStackTrace(a,fs),t.emit("wsClientError",a,r,e)}else po(r,n,i,s)}});var X0=Rt((xK,... L11: `).map((o,l)=>({sign:"+",n:l+1,text:o}));return{path:i,verb:n,add:a.length,del:0,hunks:[{lines:a}]}}return{path:i,verb:n,...uh(s)}}function __(t,e){let r=String(e||"").replace(/\n$... ... L21: `))>=0;){let n=this._buf.slice(0,r);if(this._buf=this._buf.slice(r+1),!n.trim())continue;let i;try{i=JSON.parse(n)}catch{continue}if(i.id!=null&&(i.result!==void 0||i.error!==void ... L22: `).map(k=>k.trim()).filter(Boolean).slice(-3).join(" ");/not logged in|unauthor|login|sign in/i.test(c)?(r&&r("\u26A0\uFE0F \u672A\u7
Medium
Install Persistence

Source writes installer persistence such as shell profile or service configuration.

dist/cli.jsView on unpkg · L2
2import{createRequire as __cr}from'node:module';const require=__cr(import.meta.url); L3: var sO=Object.create;var Nf=Object.defineProperty;var aO=Object.getOwnPropertyDescriptor;var oO=Object.getOwnPropertyNames;var lO=Object.getPrototypeOf,uO=Object.prototype.hasOwnPr... L4: `)[0],r=e.match(TO);return r?r[0]:e.slice(0,24)}async function CO(t){if(Uf.has(t))return Uf.get(t);let e=PO[t]||t,r="";try{let{stdout:n}=await xO(e,["--version"],{timeout:3e3});r=O... L5: `).join(`\r ... L9: \r L10: `+r)}function fs(t,e,r,n,i,s){if(t.listenerCount("wsClientError")){let a=new Error(i);Error.captureStackTrace(a,fs),t.emit("wsClientError",a,r,e)}else po(r,n,i,s)}});var X0=Rt((xK,... L11: `).map((o,l)=>({sign:"+",n:l+1,text:o}));return{path:i,verb:n,add:a.length,del:0,hunks:[{lines:a}]}}return{path:i,verb:n,...uh(s)}}function __(t,e){let r=String(e||"").replace(/\n$... ... L21: `))>=0;){let n=this._buf.slice(0,r);if(this._buf=this._buf.slice(r+1),!n.trim())continue;let i;try{i=JSON.parse(n)}catch{continue}if(i.id!=null&&(i.result!==void 0||i.error!==void ... L22: `).map(k=>k.trim()).filter(Boolean).slice(-3).join(" ");/not logged in|unauthor|login|sign in/i.test(c)?(r&&r("\u26A0\uFE0F \u672A\u7
Low
Weak Crypto

Package source references weak cryptographic algorithms.

dist/cli.jsView on unpkg · L2

Findings

2 Critical4 High4 Medium6 Low
CriticalRemote Asset Decode Executedist/cli.js
CriticalTrigger Reachable Dangerous Capabilitydist/cli.js
HighChild Processdist/cli.js
HighEvaldist/cli.js
HighSame File Env Network Executiondist/cli.js
HighCommand Output Exfiltrationdist/cli.js
MediumNetwork
MediumEnvironment Vars
MediumInstall Persistencedist/cli.js
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowWeak Cryptodist/cli.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings