registry  /  @bbk1ng/agent-orch  /  0.2.3

@bbk1ng/agent-orch@0.2.3

Run local coding agents in a cross-audit loop on any git repo — author, cross-audit, test-gate, merge. Educational; not for production.

Static Scan Results

scanned 8d ago · by rust-scanner

Static analysis completed at 65.0% confidence. No malicious behavior was detected; 7 low-signal pattern(s) were surfaced and cleared.

Static reason
No blocking static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystemShell
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 35 file(s), 161 KB of source, external domains: api.github.com, cli.github.com

Source & flagged code

1 flagged · loading source
src/resume.jsView file
23export function lookup(orchDir, task, author) { L24: try { return JSON.parse(readFileSync(file(orchDir, task, author), "utf8")); } L25: catch { return null; } // ENOENT / parse error → no record
Low
Weak Crypto

Package source references weak cryptographic algorithms.

src/resume.jsView on unpkg · L23

Findings

1 Medium6 Low
MediumEnvironment Vars
LowNon Install Lifecycle Scripts
LowScripts Present
LowWeak Cryptosrc/resume.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings