registry  /  @claudiolabs/claudin  /  0.7.2

@claudiolabs/claudin@0.7.2

⚠ Under review

Claudin — Claude Code opened to any LLM (OpenAI, Gemini, DeepSeek, Ollama, and 200+ models)

Static Scan Results

scanned 4d ago · by rust-scanner

Static analysis flagged 28 finding(s) at 93.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
High-risk behavior combination matched malicious policy.; previous stored version diff introduced dangerous source

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystemNativeBindingsNetworkShellWebSocket
Supply chain
HighEntropyStringsMinifiedObfuscatedProtestwareTelemetryUrlStrings
ManifestNo manifest risk signals triggered.
scanned 450 file(s), 8.12 MB of source, external domains: 1.1.1.1, 127.0.0.1, 169.254.169.254, 169.254.170.2, a.co, anthropic.com, api.anthropic.com, api.cloudflare.com, api.deepseek.com, api.githubcopilot.com, api.groq.com, api.kimi.com, api.minimax.io, api.mistral.ai, api.moonshot.ai, api.openai.com, api.together.xyz, api.x.ai, api.z.ai, app.corridor.dev, auth.openai.com, beacon.claude-ai.staging.ant.dev, bedrock-runtime.us-east-1.amazonaws.com, chatgpt.com, clau.de, claude-staging.fedstart.com, claude.ai, claude.com, claude.fedstart.com, code.claude.com, coding-intl.dashscope.aliyuncs.com, coding.dashscope.aliyuncs.com, docs.anthropic.com, docs.aws.amazon.com, docs.claude.com, docs.expo.dev, duckduckgo.com, example.com, external-content.duckduckgo.com, fonts.googleapis.com, gateway.ai.cloudflare.com, generativelanguage.googleapis.com, git-scm.com, github.com, hooks.example.com, integrate.api.nvidia.com, json-schema.org, json.schemastore.org, links.duckduckgo.com, llm.bankr.bot
Oversized source lightweight scan
dist/chunks/cli-0.7.2-520tgkhw.mjs3.46 MB file, sampled 256 KB
FilesystemChildProcessEnvironmentVarsHighEntropyStringsUrlStringsexample.comraw.githubusercontent.com

Source & flagged code

17 flagged · loading source
package.jsonView file
scripts.postinstall = node scripts/postinstall-warmup.mjs
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
dist/chunks/cli-0.7.2-88h70xrj.mjsView file
1patternName = generic_password severity = medium line = 1 matchedText = import{q...tml>
Medium
Secret Pattern

Package contains a possible secret pattern.

dist/chunks/cli-0.7.2-88h70xrj.mjsView on unpkg · L1
dist/chunks/cli-0.7.2-5qd0bn5g.mjsView file
1import{_ea as o6,dfa as aW}from"./cli-0.7.2-5ca5nqtj.mjs";import{lfa as Vq,nfa as c6,ofa as hI}from"./cli-0.7.2-7rjfehxm.mjs";import{Kfa as Q3,yfa as S1}from"./cli-0.7.2-twx01hwg.m... L2: `;try{$.appendFileSync(Q,Y)}catch{try{$.mkdirSync(eL(Q)),$.appendFileSync(Q,Y)}catch{}}}function Z_(){return process.env.CLAUDE_CODE_DIAGNOSTICS_FILE}async function gP(Z,q,J){let Q... L3: `)){let Q=J.match(/^(ID|VERSION_ID)=(.*)$/);if(Q&&Q[1]&&Q[2]){let X=Q[2].replace(/^"|"$/g,"");if(Q[1]==="ID")Z.linuxDistroId=X;else Z.linuxDistroVersion=X}}}catch{}return Z})});imp...
High
Child Process

Package source references child process execution.

dist/chunks/cli-0.7.2-5qd0bn5g.mjsView on unpkg · L1
1import{_ea as o6,dfa as aW}from"./cli-0.7.2-5ca5nqtj.mjs";import{lfa as Vq,nfa as c6,ofa as hI}from"./cli-0.7.2-7rjfehxm.mjs";import{Kfa as Q3,yfa as S1}from"./cli-0.7.2-twx01hwg.m... L2: `;try{$.appendFileSync(Q,Y)}catch{try{$.mkdirSync(eL(Q)),$.appendFileSync(Q,Y)}catch{}}}function Z_(){return process.env.CLAUDE_CODE_DIAGNOSTICS_FILE}async function gP(Z,q,J){let Q... L3: `)){let Q=J.match(/^(ID|VERSION_ID)=(.*)$/);if(Q&&Q[1]&&Q[2]){let X=Q[2].replace(/^"|"$/g,"");if(Q[1]==="ID")Z.linuxDistroId=X;else Z.linuxDistroVersion=X}}}catch{}return Z})});imp... L4: `).filter(Boolean),Q=r().toLowerCase();for(let X of J){let $=R6.resolve(X).toLowerCase();if(R6.dirname($).toLowerCase()===Q||$.startsWith(Q+R6.sep)){x(`Skipping potentially malicio...
High
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution; review context before blocking.

dist/chunks/cli-0.7.2-5qd0bn5g.mjsView on unpkg · L1
33`,$):Z.indexOf(10,$);if(Y===-1)break;$=Y+1;let H=q(Z,$);if(H.values.length>0)X=X.concat(H.values);if(!H.error||H.done||H.read>=J)break;$=H.read}return X}function TR(Z){let q=Z.leng... L34: `,Q);if($===-1)$=J;let Y=q.substring(Q,$).trim();if(Q=$+1,!Y)continue;try{X.push(JSON.parse(Y))}catch{}}return X}function V3(Z){if(p$)return AR(Z);if(typeof Z==="string")return jR(... L35: `)Y-=1,H+=1;else if(W==="u"&&q[H+2]==="{")H=q.indexOf("}",H+3);else H+=gR[W]??1}}let $=Q===Z.length;if(!$)J.push(Z.slice(Q));return{nextTokens:J,leadingWhitespaces:X,trailingWhites... L36: `]),gR={x:3,u:5}});import M3 from"node:process";var S0=(Z)=>l4.includes(Z),l4,w0,n4=(Z)=>w0[Z]??`stdio[${Z}]`;var Y1=B(()=>{l4=[M3.stdin,M3.stdout,M3.stderr],w0=["stdin","stdout","...
High
Command Output Exfiltration

Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.

dist/chunks/cli-0.7.2-5qd0bn5g.mjsView on unpkg · L33
1Cross-file remote execution chain: dist/chunks/cli-0.7.2-5qd0bn5g.mjs spawns dist/chunks/cli-0.7.2-pbaedfkk.mjs; helper contains network access plus dynamic code execution. L1: import{_ea as o6,dfa as aW}from"./cli-0.7.2-5ca5nqtj.mjs";import{lfa as Vq,nfa as c6,ofa as hI}from"./cli-0.7.2-7rjfehxm.mjs";import{Kfa as Q3,yfa as S1}from"./cli-0.7.2-twx01hwg.m... L2: `;try{$.appendFileSync(Q,Y)}catch{try{$.mkdirSync(eL(Q)),$.appendFileSync(Q,Y)}catch{}}}function Z_(){return process.env.CLAUDE_CODE_DIAGNOSTICS_FILE}async function gP(Z,q,J){let Q... L3: `)){let Q=J.match(/^(ID|VERSION_ID)=(.*)$/);if(Q&&Q[1]&&Q[2]){let X=Q[2].replace(/^"|"$/g,"");if(Q[1]==="ID")Z.linuxDistroId=X;else Z.linuxDistroVersion=X}}}catch{}return Z})});imp... L4: `).filter(Boolean),Q=r().toLowerCase();for(let X of J){let $=R6.resolve(X).toLowerCase();if(R6.dirname($).toLowerCase()===Q||$.startsWith(Q+R6.sep)){x(`Skipping potentially malicio... ... L17: `)}catch(Y){if(W0(Y)==="ENOENT")await XR(X,`${J} L18: `,"utf-8");else throw Y}}catch(J){f(J)}}var k$=B(()=>{q1();C1();b4();R2();p0()});function F2(Z,q=!1){let J=Z.length,Q=0,X="",$=0,Y=16,H=0,K=0,W=0,U=0,V=0;function L(M,O){let T=0,j=... L19: `;break;case 114:M+="\…
High
Cross File Remote Execution Context

Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.

dist/chunks/cli-0.7.2-5qd0bn5g.mjsView on unpkg · L1
1import{_ea as o6,dfa as aW}from"./cli-0.7.2-5ca5nqtj.mjs";import{lfa as Vq,nfa as c6,ofa as hI}from"./cli-0.7.2-7rjfehxm.mjs";import{Kfa as Q3,yfa as S1}from"./cli-0.7.2-twx01hwg.m... L2: `;try{$.appendFileSync(Q,Y)}catch{try{$.mkdirSync(eL(Q)),$.appendFileSync(Q,Y)}catch{}}}function Z_(){return process.env.CLAUDE_CODE_DIAGNOSTICS_FILE}async function gP(Z,q,J){let Q... L3: `)){let Q=J.match(/^(ID|VERSION_ID)=(.*)$/);if(Q&&Q[1]&&Q[2]){let X=Q[2].replace(/^"|"$/g,"");if(Q[1]==="ID")Z.linuxDistroId=X;else Z.linuxDistroVersion=X}}}catch{}return Z})});imp... L4: `).filter(Boolean),Q=r().toLowerCase();for(let X of J){let $=R6.resolve(X).toLowerCase();if(R6.dirname($).toLowerCase()===Q||$.startsWith(Q+R6.sep)){x(`Skipping potentially malicio... ... L17: `)}catch(Y){if(W0(Y)==="ENOENT")await XR(X,`${J} L18: `,"utf-8");else throw Y}}catch(J){f(J)}}var k$=B(()=>{q1();C1();b4();R2();p0()});function F2(Z,q=!1){let J=Z.length,Q=0,X="",$=0,Y=16,H=0,K=0,W=0,U=0,V=0;function L(M,O){let T=0,j=... L19: `;break;case 114:M+="\r";break;case 116:M+="\t";break;case 117:let A=L(4,!0);if(A>=0)M+=String.fromCharCode(A);else V=4;break;default:V=5}O=Q;continue}if(T>=0&&T<=31)if(M2(T)){M+=Z... ... L34: `,Q
Medium
Install Persistence

Source writes installer persistence such as shell profile or service configuration.

dist/chunks/cli-0.7.2-5qd0bn5g.mjsView on unpkg · L1
dist/chunks/hookChains-0.7.2-4rsz02te.mjsView file
1import{Jx as kj,hE as jj,jA as M,kA as Cj,nE as Kj,tx as t}from"./cli-0.7.2-520tgkhw.mjs";import"./cli-0.7.2-31k7gjq7.mjs";import"./cli-0.7.2-tytdzgnc.mjs";import"./cli-0.7.2-21mtj... L2: `)}function ej(j,q,G){let A=_(G.payload),F=U(A),J={EVENT_NAME:G.eventName,OUTCOME:G.outcome,RULE_ID:q.id,PAYLOAD_JSON:F,ERROR:Y(A,["error","reason"])??"",TASK_SUBJECT:Y(A,["task_su... L3: `);return{summary:O,body:P}}async function tj(j){let{action:q,rule:G,event:A,runtime:F}=j;if(F.signal?.aborted)return{status:"skipped",reason:"aborted"};if(!F.onSpawnFallbackAgent)...
Low
Weak Crypto

Package source references weak cryptographic algorithms.

dist/chunks/hookChains-0.7.2-4rsz02te.mjsView on unpkg · L1
dist/chunks/cli-0.7.2-q88h44qv.mjsView file
1import{eqa as y,hqa as b}from"./cli-0.7.2-5tacs42k.mjs";var P0=y(($w)=>{$w.HttpAuthLocation=void 0;(function($){$.HEADER="header",$.QUERY="query"})($w.HttpAuthLocation||($w.HttpAut... L2: `).slice(0,5).filter((T)=>!T.includes("stackTraceWarning")).join(`
High
Cloud Metadata Access

Source reaches cloud instance metadata or link-local credential endpoints.

dist/chunks/cli-0.7.2-q88h44qv.mjsView on unpkg · L1
dist/chunks/index-0.7.2-f8swc4mv.mjsView file
20contains invisible/control Unicode U+200B (zero width space) \v\f\r\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F !"#$٪&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_\`abcdefghijklmnopqrstuvwxyz{|}~°·∙√▒─│┼┤┬├┴┐┌└┘β∞φ±½¼≈«»ﻷﻸ��ﻻﻼ� ­ﺂ£¤ﺄ��ﺎﺏﺕﺙ،ﺝﺡﺥ٠١٢٣٤٥٦٧٨٩ﻑ؛ﺱﺵﺹ؟
Critical
Trojan Source Unicode

Source contains bidi control or invisible Unicode characters associated with Trojan Source attacks.

dist/chunks/index-0.7.2-f8swc4mv.mjsView on unpkg · L20
dist/chunks/defaultActionDeps-0.7.2-dftsz493.mjsView file
1import"./cli-0.7.2-fcadqwem.mjs";import{n as _,p as DG,q as gG,r as sB,s as rB}from"./cli-0.7.2-tzc6qkph.mjs";import"./cli-0.7.2-h7m849rt.mjs";import"./cli-0.7.2-796x24s1.mjs";impo... L2: `)),process.exit(1);if(TI()==="windows")process.stderr.write(Q.red(`Error: --tmux is not supported on Windows ... L26: 1. **Code review** — Invoke the \`${jg}\` tool with \`skill: "code-review"\` and \`args: "medium"\` to get a correctness-bug report on your changes, then fix every reported bug bef... L27: 2. **Run unit tests** — Run the project's test suite (check for package.json scripts, Makefile targets, or common commands like \`npm test\`, \`bun test\`, \`pytest\`, \`go test\`)... L28: 3. **Test end-to-end** — Follow the e2e test recipe from the coordinator's prompt (below). If the recipe says to skip e2e for this unit, skip it. ... L431: L432: `)+X}function Mg(){u({name:"create",description:"Create or refine Claudin customizations — skills, rules, and custom agents — in the project (.claudin/) or global (~/.claudin/) str... L433: `).slice(-uG).join(` ... L538: Do not add anything to \`permissions.deny\` or \`permissions.ask\`. Do not touch any other settings field.`}function Eg(){u({na
High
Base64 Obscured Url

Source decodes a Base64-obscured HTTP endpoint at runtime.

dist/chunks/defaultActionDeps-0.7.2-dftsz493.mjsView on unpkg · L1
dist/claudin-vscode.vsixView file
path = dist/claudin-vscode.vsix kind = high_entropy_blob sizeBytes = 91168 magicHex = [redacted]
High
Ships High Entropy Blob

Package ships high-entropy non-source blobs.

dist/claudin-vscode.vsixView on unpkg
path = dist/claudin-vscode.vsix kind = compressed_blob sizeBytes = 91168 magicHex = [redacted]
Medium
Ships Compressed Blob

Package ships compressed or archive-like blobs.

dist/claudin-vscode.vsixView on unpkg
path = dist/claudin-vscode.vsix kind = nested_archive_needs_inspection sizeBytes = 91168 magicHex = [redacted]
Low
Nested Archive Needs Inspection

Package ships a nested archive or MCP bundle that was inventoried but not recursively analyzed.

dist/claudin-vscode.vsixView on unpkg
dist/chunks/cli-0.7.2-520tgkhw.mjsView file
path = dist/chunks/cli-0.7.2-520tgkhw.mjs kind = oversized_source_file sizeBytes = 3625415 magicHex = [redacted]
High
Oversized Source File

Package contains source files above the static scanner size ceiling.

dist/chunks/cli-0.7.2-520tgkhw.mjsView on unpkg
dist/chunks/cli-0.7.2-s41x7s9w.mjsView file
matchType = previous_version_dangerous_delta matchedPackage = @claudiolabs/claudin@0.7.1 matchedIdentity = npm:QGNsYXVkaW9sYWJzL2NsYXVkaW4:0.7.1 similarity = 0.683 summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

dist/chunks/cli-0.7.2-s41x7s9w.mjsView on unpkg
dist/chunks/openaiShim-0.7.2-qwqrcmfv.mjsView file
11patternName = generic_password severity = medium line = 11 matchedText = [Content...in(`
Medium
Secret Pattern

Hardcoded password in dist/chunks/openaiShim-0.7.2-qwqrcmfv.mjs

dist/chunks/openaiShim-0.7.2-qwqrcmfv.mjsView on unpkg · L11

Findings

2 Critical11 High8 Medium7 Low
CriticalTrojan Source Unicodedist/chunks/index-0.7.2-f8swc4mv.mjs
CriticalPrevious Version Dangerous Deltadist/chunks/cli-0.7.2-s41x7s9w.mjs
HighInstall Time Lifecycle Scriptspackage.json
HighChild Processdist/chunks/cli-0.7.2-5qd0bn5g.mjs
HighShell
HighSame File Env Network Executiondist/chunks/cli-0.7.2-5qd0bn5g.mjs
HighCommand Output Exfiltrationdist/chunks/cli-0.7.2-5qd0bn5g.mjs
HighCloud Metadata Accessdist/chunks/cli-0.7.2-q88h44qv.mjs
HighCross File Remote Execution Contextdist/chunks/cli-0.7.2-5qd0bn5g.mjs
HighBase64 Obscured Urldist/chunks/defaultActionDeps-0.7.2-dftsz493.mjs
HighObfuscated
HighShips High Entropy Blobdist/claudin-vscode.vsix
HighOversized Source Filedist/chunks/cli-0.7.2-520tgkhw.mjs
MediumSecret Patterndist/chunks/cli-0.7.2-88h70xrj.mjs
MediumNetwork
MediumEnvironment Vars
MediumInstall Persistencedist/chunks/cli-0.7.2-5qd0bn5g.mjs
MediumProtestware
MediumShips Compressed Blobdist/claudin-vscode.vsix
MediumStructural Risk Force Deep Review
MediumSecret Patterndist/chunks/openaiShim-0.7.2-qwqrcmfv.mjs
LowScripts Present
LowWeak Cryptodist/chunks/hookChains-0.7.2-4rsz02te.mjs
LowFilesystem
LowHigh Entropy Strings
LowTelemetry
LowUrl Strings
LowNested Archive Needs Inspectiondist/claudin-vscode.vsix