registry  /  @bitkyc08/opencodex  /  2.7.10

@bitkyc08/opencodex@2.7.10

Universal provider proxy for OpenAI Codex — use any LLM with Codex CLI/App/SDK

Static Scan Results

scanned 2h ago · by rust-scanner

Static analysis flagged 11 finding(s) at 93.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystemNetworkShell
Supply chain
HighEntropyStringsMinifiedUrlStrings
ManifestNo manifest risk signals triggered.
scanned 209 file(s), 2.76 MB of source, external domains: 127.0.0.1, accounts.google.com, ai-gateway.vercel.sh, aiplatform.googleapis.com, aistudio.google.com, antigravity.google, api.anthropic.com, api.cerebras.ai, api.code.umans.ai, api.deepseek.com, api.fireworks.ai, api.githubcopilot.com, api.groq.com, api.kilo.ai, api.kimi.com, api.minimax.io, api.minimaxi.com, api.mistral.ai, api.moonshot.ai, api.neuralwatt.com, api.openai.com, api.synthetic.new, api.together.xyz, api.venice.ai, api.x.ai, api.xiaomimimo.com, api.z.ai, api2.cursor.sh, app.umans.ai, auth.kimi.com, auth.openai.com, auth.x.ai, build.nvidia.com, chatgpt.com, claude.ai, cli-chat-proxy.grok.com, cloud.cerebras.ai, cloud.gitlab.com, cloudcode-pa.googleapis.com, coding-intl.dashscope.aliyuncs.com, console.anthropic.com, console.bce.baidu.com, console.cloud.google.com, console.groq.com, console.mistral.ai, cursor.com, daily-cloudcode-pa.googleapis.com, dash.cloudflare.com, dashscope.console.aliyun.com, docs.litellm.ai

Source & flagged code

3 flagged · loading source
src/server/system-env.tsView file
1import { execSync } from "node:child_process"; L2: import { readFileSync, writeFileSync, unlinkSync, mkdirSync } from "node:fs"; ... L8: // --------------------------------------------------------------------------- L9: // Shell-hook env file: written on inject, sourced by the shell hook in .zshrc. L10: // This works for ALL new shells immediately, unlike launchctl setenv which only ... L24: `# Generated by opencodex — do not edit manually`, L25: `export ANTHROPIC_BASE_URL=${shellValue(`http://127.0.0.1:${port}`)}`, L26: `export CLAUDE_CODE_ENABLE_GATEWAY_MODEL_DISCOVERY=${shellValue("1")}`, ... L72: export function installShellHook(): { installed: boolean; reason?: string } { L73: if (process.platform !== "darwin") return { installed: false, reason: "not macOS" }; L74: const home = process.env.HOME; L75: if (!home) return { installed: false, reason: "no HOME" };
Medium
Install Persistence

Source writes installer persistence such as shell profile or service configuration.

src/server/system-env.tsView on unpkg · L1
src/lib/gcp-adc.tsView file
13* L14: * Security: never logs the access token, private key, or refresh token. L15: */ ... L24: L25: const OAUTH_TOKEN_URL = "https://oauth2.googleapis.com/token"; L26: const METADATA_TOKEN_URL = "http://metadata.google.[redacted]-accounts/default/token"; L27: const CLOUD_PLATFORM_SCOPE = "https://www.googleapis.com/auth/cloud-platform"; ... L41: client_email: string; L42: private_key: string; L43: private_key_id?: string; ... L64: function getRefreshSkewMs(): number { L65: const raw = Number(process.env.GOOGLE_VERTEX_REFRESH_SKEW_MS);
High
Cloud Metadata Access

Source reaches cloud instance metadata or link-local credential endpoints.

src/lib/gcp-adc.tsView on unpkg · L13
src/cli/index.tsView file
matchType = previous_version_dangerous_delta matchedPackage = @bitkyc08/opencodex@2.7.7 matchedIdentity = npm:QGJpdGt5YzA4L29wZW5jb2RleA:2.7.7 similarity = 0.633 summary = stored previous version shares package body but lacks this dangerous source file
High
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

src/cli/index.tsView on unpkg

Findings

2 High4 Medium5 Low
HighCloud Metadata Accesssrc/lib/gcp-adc.ts
HighPrevious Version Dangerous Deltasrc/cli/index.ts
MediumNetwork
MediumEnvironment Vars
MediumInstall Persistencesrc/server/system-env.ts
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings