registry  /  @axiorank/sdk  /  0.19.0

@axiorank/sdk@0.19.0

Catch leaked secrets, prompt injection, and destructive calls in your AI agent's tool calls. Runs locally with no signup; enforce centrally with AxioRank.

Static Scan Results

scanned 4h ago · by rust-scanner

Static analysis flagged 14 finding(s) at 93.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessEnvironmentVarsEvalFilesystemNetworkShell
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 27 file(s), 300 KB of source, external domains: app.axiorank.com, attacker.example, www.axiorank.com

Source & flagged code

8 flagged · loading source
dist/cli.jsView file
49patternName = aws_access_key severity = critical line = 49 matchedText = body: "A...LE",
Critical
Critical Secret

Package contains a critical-looking secret pattern.

dist/cli.jsView on unpkg · L49
49patternName = aws_access_key severity = critical line = 49 matchedText = body: "A...LE",
Critical
Secret Pattern

AWS access key ID in dist/cli.js

dist/cli.jsView on unpkg · L49
dist/chunk-RE65MQXY.jsView file
matchType = previous_version_dangerous_delta matchedPackage = @axiorank/sdk@0.17.0 matchedIdentity = npm:QGF4aW9yYW5rL3Nkaw:0.17.0 similarity = 0.833 summary = stored previous version shares package body but lacks this dangerous source file
High
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

dist/chunk-RE65MQXY.jsView on unpkg
944regex: /\beval\s*\(\s*(?:atob|base64_decode|Buffer\.from)\s*\(|\bexec\s*\(\s*__import__\s*\(\s*['"]base64/i, L945: prefilter: ["eval(", "exec("] L946: },
Low
Eval

Package source references a known benign dynamic code generation pattern.

dist/chunk-RE65MQXY.jsView on unpkg · L944
dist/index.d.ctsView file
48patternName = aws_access_key severity = critical line = 48 matchedText = * body...LE",
Critical
Secret Pattern

AWS access key ID in dist/index.d.cts

dist/index.d.ctsView on unpkg · L48
dist/index.d.tsView file
48patternName = aws_access_key severity = critical line = 48 matchedText = * body...LE",
Critical
Secret Pattern

AWS access key ID in dist/index.d.ts

dist/index.d.tsView on unpkg · L48
dist/cli.cjsView file
1935patternName = aws_access_key severity = critical line = 1935 matchedText = body: "A...LE",
Critical
Secret Pattern

AWS access key ID in dist/cli.cjs

dist/cli.cjsView on unpkg · L1935
README.mdView file
42patternName = aws_access_key severity = critical line = 42 matchedText = body: "A...LE",
Critical
Secret Pattern

AWS access key ID in README.md

README.mdView on unpkg · L42

Findings

6 Critical1 High2 Medium5 Low
CriticalCritical Secretdist/cli.js
CriticalSecret Patterndist/index.d.cts
CriticalSecret Patterndist/cli.js
CriticalSecret Patterndist/index.d.ts
CriticalSecret Patterndist/cli.cjs
CriticalSecret PatternREADME.md
HighPrevious Version Dangerous Deltadist/chunk-RE65MQXY.js
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowEvaldist/chunk-RE65MQXY.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings