registry  /  @devflow-tools/claude-code-plugin  /  0.12.6

@devflow-tools/claude-code-plugin@0.12.6

⚠ Under review

DevFlow — Developer Intelligence Platform for Claude Code

Static Scan Results

scanned 1d ago · by rust-scanner

Static analysis flagged 9 finding(s) at 93.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystem
Supply chain
MinifiedUrlStrings
Manifest
NoLicense
scanned 5 file(s), 30.6 KB of source, external domains: 127.0.0.1

Source & flagged code

4 flagged · loading source
dist/hooks/hook-daemon.jsView file
matchType = previous_version_dangerous_delta matchedPackage = @devflow-tools/claude-code-plugin@0.12.5 matchedIdentity = npm:[redacted]:0.12.5 similarity = 0.800 summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

dist/hooks/hook-daemon.jsView on unpkg
1import {createServer}from'net';import {join}from'path';import {homedir}from'os';import {existsSync,unlinkSync,readdirSync,readFileSync,mkdirSync,writeFileSync}from'fs';import {crea... L2: `).filter(s=>s.trim())),e.push(JSON.stringify(t)),e.length>B&&(e=e.slice(e.length-B)),writeFileSync(p,e.join(`
High
Child Process

Package source references child process execution.

dist/hooks/hook-daemon.jsView on unpkg · L1
1import {createServer}from'net';import {join}from'path';import {homedir}from'os';import {existsSync,unlinkSync,readdirSync,readFileSync,mkdirSync,writeFileSync}from'fs';import {crea... L2: `).filter(s=>s.trim())),e.push(JSON.stringify(t)),e.length>B&&(e=e.slice(e.length-B)),writeFileSync(p,e.join(`
High
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution; review context before blocking.

dist/hooks/hook-daemon.jsView on unpkg · L1
1import {createServer}from'net';import {join}from'path';import {homedir}from'os';import {existsSync,unlinkSync,readdirSync,readFileSync,mkdirSync,writeFileSync}from'fs';import {crea... L2: `).filter(s=>s.trim())),e.push(JSON.stringify(t)),e.length>B&&(e=e.slice(e.length-B)),writeFileSync(p,e.join(`
High
Command Output Exfiltration

Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.

dist/hooks/hook-daemon.jsView on unpkg · L1

Findings

1 Critical3 High1 Medium4 Low
CriticalPrevious Version Dangerous Deltadist/hooks/hook-daemon.js
HighChild Processdist/hooks/hook-daemon.js
HighSame File Env Network Executiondist/hooks/hook-daemon.js
HighCommand Output Exfiltrationdist/hooks/hook-daemon.js
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowUrl Strings
LowNo License