@anthropic-ai/claude-agent-sdk@0.3.201

⚠ Under review

SDK for building AI agents with Claude Code's capabilities. Programmatically interact with Claude to build autonomous agents that can understand codebases, edit files, and execute workflows.

Static Scan Results

scanned 5h ago · by rust-scanner

Static analysis flagged 14 finding(s) at 86.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
High-risk behavior combination matched malicious policy.

Decision evidence

public snapshot
Behavioral surface
Source: ChildProcess, Crypto, EnvironmentVars, Eval, Filesystem, Network, WebSocket
Supply chain: HighEntropyStrings, Minified, Obfuscated, Protestware, UrlStrings
Manifest: NoLicense
scanned 4 file(s), 3.22 MB of source, external domains: 1.1.1.1, api.anthropic.com, beacon.claude-ai.staging.ant.dev, claude-staging.fedstart.com, claude.ai, claude.com, claude.fedstart.com, docs.anthropic.com, docs.expo.dev, feross.org, github.com, jimmy.warting.se, json-schema.org, mcp-proxy.anthropic.com, platform.claude.com, raw.githubusercontent.com

Source & flagged code

4 flagged
browser-sdk.js
Critical
Remote Asset Decode Execute

Source fetches a remote non-code asset, decodes its contents, and dynamically executes the decoded payload.

browser-sdk.js · L1
Trigger-reachable chain: manifest.exports -> browser-sdk.js
Reachable file contains a blocking source-risk pattern.
Critical
Trigger Reachable Dangerous Capability

A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.

browser-sdk.js
High
Eval

Package source references dynamic code evaluation.

browser-sdk.js · L76
High
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution; review context before blocking.

browser-sdk.js · L64

Findings

2 Critical · 3 High · 4 Medium · 5 Low
Critical · Remote Asset Decode Execute · browser-sdk.js
Critical · Trigger Reachable Dangerous Capability · browser-sdk.js
High · Child Process
High · Eval · browser-sdk.js
High · Same File Env Network Execution · browser-sdk.js
Medium · Network
Medium · Environment Vars
Medium · Protestware
Medium · Structural Risk Force Deep Review
Low · Filesystem
Low · Obfuscated
Low · High Entropy Strings
Low · Url Strings
Low · No License