registry  /  @akasecurity/ai-tc-claude-code  /  0.8.2

@akasecurity/ai-tc-claude-code@0.8.2

AI Traffic Control — inspect and govern AI prompts in Claude Code

Static Scan Results

scanned 3h ago · by rust-scanner

Static analysis flagged 50 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsEvalFilesystemNetworkShell
Supply chain
HighEntropyStringsObfuscatedUrlStrings
ManifestNo manifest risk signals triggered.
scanned 15 file(s), 12.4 MB of source, external domains: index.docker.io, json-schema.org, staging.example.com

Source & flagged code

41 flagged · loading source
scripts/post-tool-use.jsView file
24478patternName = private_key_rsa severity = critical line = 24478 matchedText = "-----BE...---"
Critical
Critical Secret

Package contains a critical-looking secret pattern.

scripts/post-tool-use.jsView on unpkg · L24478
24478patternName = private_key_rsa severity = critical line = 24478 matchedText = "-----BE...---"
Critical
Secret Pattern

RSA private key in scripts/post-tool-use.js

scripts/post-tool-use.jsView on unpkg · L24478
24511patternName = aws_access_key severity = critical line = 24511 matchedText = examples...LE"]
Critical
Secret Pattern

AWS access key ID in scripts/post-tool-use.js

scripts/post-tool-use.jsView on unpkg · L24511
24528patternName = aws_secret_key severity = critical line = 24528 matchedText = examples...EY"]
Critical
Secret Pattern

AWS secret access key in scripts/post-tool-use.js

scripts/post-tool-use.jsView on unpkg · L24528
24642patternName = github_fine_grained severity = critical line = 24642 matchedText = "github_...Te",
Critical
Secret Pattern

GitHub fine-grained PAT in scripts/post-tool-use.js

scripts/post-tool-use.jsView on unpkg · L24642
24643patternName = github_pat severity = critical line = 24643 matchedText = "ghp_aBc...890"
Critical
Secret Pattern

GitHub personal access token in scripts/post-tool-use.js

scripts/post-tool-use.jsView on unpkg · L24643
24692patternName = npm_token severity = critical line = 24692 matchedText = examples...nO"]
Critical
Secret Pattern

npm access token in scripts/post-tool-use.js

scripts/post-tool-use.jsView on unpkg · L24692
24755patternName = slack_bot_token severity = critical line = 24755 matchedText = examples...Wx"]
Critical
Secret Pattern

Slack bot token in scripts/post-tool-use.js

scripts/post-tool-use.jsView on unpkg · L24755
24771patternName = stripe_live_secret severity = critical line = 24771 matchedText = examples...yZ"]
Critical
Secret Pattern

Stripe live secret key in scripts/post-tool-use.js

scripts/post-tool-use.jsView on unpkg · L24771
66REGEX_REGEXP_RANGE, L67: (match, from, to) => from.charCodeAt(0) <= to.charCodeAt(0) ? match : EMPTY L68: ); ... L209: // WTF! L210: // https://git-scm.com/docs/gitignore L211: // changes in [2.22.1](https://git-scm.com/docs/gitignore/2.22.1) ... L482: // Detect `process` so that it can run in browsers. L483: typeof process !== "undefined" && process.platform === "win32" L484: ) { ... L2206: error: new (_Err ?? $ZodError)(result.issues.map((iss) => finalizeIssue(iss, ctx, config()))) L2207: } : { success: true, data: result.value }; L2208: };
High
Obfuscated Payload Loader

Source contains an obfuscator-style string-array loader that reconstructs and executes hidden code.

scripts/post-tool-use.jsView on unpkg · L66
23300patternName = generic_password severity = medium line = 23300 matchedText = examples...y'"]
Medium
Secret Pattern

Hardcoded password in scripts/post-tool-use.js

scripts/post-tool-use.jsView on unpkg · L23300
23274}, L23275: examples: ["eval(request.body.code)", "exec(user_input)"] L23276: };
Low
Eval

Package source references a known benign dynamic code generation pattern.

scripts/post-tool-use.jsView on unpkg · L23274
66REGEX_REGEXP_RANGE, L67: (match, from, to) => from.charCodeAt(0) <= to.charCodeAt(0) ? match : EMPTY L68: ); ... L209: // WTF! L210: // https://git-scm.com/docs/gitignore L211: // changes in [2.22.1](https://git-scm.com/docs/gitignore/2.22.1) ... L482: // Detect `process` so that it can run in browsers. L483: typeof process !== "undefined" && process.platform === "win32" L484: ) { ... L2206: error: new (_Err ?? $ZodError)(result.issues.map((iss) => finalizeIssue(iss, ctx, config()))) L2207: } : { success: true, data: result.value }; L2208: };
Low
Weak Crypto

Package source references weak cryptographic algorithms.

scripts/post-tool-use.jsView on unpkg · L66
scripts/stop.jsView file
17231// src/history/reconcile-trigger.ts L17232: import { spawn } from "child_process"; L17233: import { dirname as dirname2, join as join12 } from "path";
High
Child Process

Package source references child process execution.

scripts/stop.jsView on unpkg · L17231
66Cross-file remote execution chain: scripts/stop.js spawns scripts/reconcile.js; helper contains network access plus dynamic code execution. L66: REGEX_REGEXP_RANGE, L67: (match, from, to) => from.charCodeAt(0) <= to.charCodeAt(0) ? match : EMPTY L68: ); ... L209: // WTF! L210: // https://git-scm.com/docs/gitignore L211: // changes in [2.22.1](https://git-scm.com/docs/gitignore/2.22.1) ... L482: // Detect `process` so that it can run in browsers. L483: typeof process !== "undefined" && process.platform === "win32" L484: ) { ... L2020: error: new (_Err ?? $ZodError)(result.issues.map((iss) => finalizeIssue(iss, ctx, config()))) L2021: } : { success: true, data: result.value }; L2022: };
High
Cross File Remote Execution Context

Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.

scripts/stop.jsView on unpkg · L66
scripts/pre-tool-use.jsView file
24478patternName = private_key_rsa severity = critical line = 24478 matchedText = "-----BE...---"
Critical
Secret Pattern

RSA private key in scripts/pre-tool-use.js

scripts/pre-tool-use.jsView on unpkg · L24478
24511patternName = aws_access_key severity = critical line = 24511 matchedText = examples...LE"]
Critical
Secret Pattern

AWS access key ID in scripts/pre-tool-use.js

scripts/pre-tool-use.jsView on unpkg · L24511
24528patternName = aws_secret_key severity = critical line = 24528 matchedText = examples...EY"]
Critical
Secret Pattern

AWS secret access key in scripts/pre-tool-use.js

scripts/pre-tool-use.jsView on unpkg · L24528
24642patternName = github_fine_grained severity = critical line = 24642 matchedText = "github_...Te",
Critical
Secret Pattern

GitHub fine-grained PAT in scripts/pre-tool-use.js

scripts/pre-tool-use.jsView on unpkg · L24642
24643patternName = github_pat severity = critical line = 24643 matchedText = "ghp_aBc...890"
Critical
Secret Pattern

GitHub personal access token in scripts/pre-tool-use.js

scripts/pre-tool-use.jsView on unpkg · L24643
24692patternName = npm_token severity = critical line = 24692 matchedText = examples...nO"]
Critical
Secret Pattern

npm access token in scripts/pre-tool-use.js

scripts/pre-tool-use.jsView on unpkg · L24692
24755patternName = slack_bot_token severity = critical line = 24755 matchedText = examples...Wx"]
Critical
Secret Pattern

Slack bot token in scripts/pre-tool-use.js

scripts/pre-tool-use.jsView on unpkg · L24755
24771patternName = stripe_live_secret severity = critical line = 24771 matchedText = examples...yZ"]
Critical
Secret Pattern

Stripe live secret key in scripts/pre-tool-use.js

scripts/pre-tool-use.jsView on unpkg · L24771
23300patternName = generic_password severity = medium line = 23300 matchedText = examples...y'"]
Medium
Secret Pattern

Hardcoded password in scripts/pre-tool-use.js

scripts/pre-tool-use.jsView on unpkg · L23300
scripts/statusline.jsView file
24253patternName = private_key_rsa severity = critical line = 24253 matchedText = "-----BE...---"
Critical
Secret Pattern

RSA private key in scripts/statusline.js

scripts/statusline.jsView on unpkg · L24253
24286patternName = aws_access_key severity = critical line = 24286 matchedText = examples...LE"]
Critical
Secret Pattern

AWS access key ID in scripts/statusline.js

scripts/statusline.jsView on unpkg · L24286
24303patternName = aws_secret_key severity = critical line = 24303 matchedText = examples...EY"]
Critical
Secret Pattern

AWS secret access key in scripts/statusline.js

scripts/statusline.jsView on unpkg · L24303
24417patternName = github_fine_grained severity = critical line = 24417 matchedText = "github_...Te",
Critical
Secret Pattern

GitHub fine-grained PAT in scripts/statusline.js

scripts/statusline.jsView on unpkg · L24417
24418patternName = github_pat severity = critical line = 24418 matchedText = "ghp_aBc...890"
Critical
Secret Pattern

GitHub personal access token in scripts/statusline.js

scripts/statusline.jsView on unpkg · L24418
24467patternName = npm_token severity = critical line = 24467 matchedText = examples...nO"]
Critical
Secret Pattern

npm access token in scripts/statusline.js

scripts/statusline.jsView on unpkg · L24467
24530patternName = slack_bot_token severity = critical line = 24530 matchedText = examples...Wx"]
Critical
Secret Pattern

Slack bot token in scripts/statusline.js

scripts/statusline.jsView on unpkg · L24530
24546patternName = stripe_live_secret severity = critical line = 24546 matchedText = examples...yZ"]
Critical
Secret Pattern

Stripe live secret key in scripts/statusline.js

scripts/statusline.jsView on unpkg · L24546
23075patternName = generic_password severity = medium line = 23075 matchedText = examples...y'"]
Medium
Secret Pattern

Hardcoded password in scripts/statusline.js

scripts/statusline.jsView on unpkg · L23075
scripts/query.jsView file
24315patternName = private_key_rsa severity = critical line = 24315 matchedText = "-----BE...---"
Critical
Secret Pattern

RSA private key in scripts/query.js

scripts/query.jsView on unpkg · L24315
24348patternName = aws_access_key severity = critical line = 24348 matchedText = examples...LE"]
Critical
Secret Pattern

AWS access key ID in scripts/query.js

scripts/query.jsView on unpkg · L24348
24365patternName = aws_secret_key severity = critical line = 24365 matchedText = examples...EY"]
Critical
Secret Pattern

AWS secret access key in scripts/query.js

scripts/query.jsView on unpkg · L24365
24479patternName = github_fine_grained severity = critical line = 24479 matchedText = "github_...Te",
Critical
Secret Pattern

GitHub fine-grained PAT in scripts/query.js

scripts/query.jsView on unpkg · L24479
24480patternName = github_pat severity = critical line = 24480 matchedText = "ghp_aBc...890"
Critical
Secret Pattern

GitHub personal access token in scripts/query.js

scripts/query.jsView on unpkg · L24480
24529patternName = npm_token severity = critical line = 24529 matchedText = examples...nO"]
Critical
Secret Pattern

npm access token in scripts/query.js

scripts/query.jsView on unpkg · L24529
24592patternName = slack_bot_token severity = critical line = 24592 matchedText = examples...Wx"]
Critical
Secret Pattern

Slack bot token in scripts/query.js

scripts/query.jsView on unpkg · L24592
23137patternName = generic_password severity = medium line = 23137 matchedText = examples...y'"]
Medium
Secret Pattern

Hardcoded password in scripts/query.js

scripts/query.jsView on unpkg · L23137

Findings

32 Critical4 High7 Medium7 Low
CriticalCritical Secretscripts/post-tool-use.js
CriticalSecret Patternscripts/post-tool-use.js
CriticalSecret Patternscripts/post-tool-use.js
CriticalSecret Patternscripts/post-tool-use.js
CriticalSecret Patternscripts/post-tool-use.js
CriticalSecret Patternscripts/post-tool-use.js
CriticalSecret Patternscripts/post-tool-use.js
CriticalSecret Patternscripts/post-tool-use.js
CriticalSecret Patternscripts/post-tool-use.js
CriticalSecret Patternscripts/pre-tool-use.js
CriticalSecret Patternscripts/pre-tool-use.js
CriticalSecret Patternscripts/pre-tool-use.js
CriticalSecret Patternscripts/pre-tool-use.js
CriticalSecret Patternscripts/pre-tool-use.js
CriticalSecret Patternscripts/pre-tool-use.js
CriticalSecret Patternscripts/pre-tool-use.js
CriticalSecret Patternscripts/pre-tool-use.js
CriticalSecret Patternscripts/statusline.js
CriticalSecret Patternscripts/statusline.js
CriticalSecret Patternscripts/statusline.js
CriticalSecret Patternscripts/statusline.js
CriticalSecret Patternscripts/statusline.js
CriticalSecret Patternscripts/statusline.js
CriticalSecret Patternscripts/statusline.js
CriticalSecret Patternscripts/statusline.js
CriticalSecret Patternscripts/query.js
CriticalSecret Patternscripts/query.js
CriticalSecret Patternscripts/query.js
CriticalSecret Patternscripts/query.js
CriticalSecret Patternscripts/query.js
CriticalSecret Patternscripts/query.js
CriticalSecret Patternscripts/query.js
HighChild Processscripts/stop.js
HighShell
HighObfuscated Payload Loaderscripts/post-tool-use.js
HighCross File Remote Execution Contextscripts/stop.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
MediumSecret Patternscripts/post-tool-use.js
MediumSecret Patternscripts/pre-tool-use.js
MediumSecret Patternscripts/statusline.js
MediumSecret Patternscripts/query.js
LowScripts Present
LowEvalscripts/post-tool-use.js
LowWeak Cryptoscripts/post-tool-use.js
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings