
@inspiracode/agentic-workflow@0.0.65

⚠ Under review

Cross-platform CLI for the agentic ticket pipeline (dev-* + plan-* commands).

Static Scan Results

scanned 2h ago · by rust-scanner

Static analysis flagged 17 finding(s) at 86.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
High-risk behavior combination matched malicious policy.

Decision evidence

public snapshot
Behavioral surface
Source
Child Process, Crypto, Environment Vars, Filesystem, Network, Shell
Supply chain
High Entropy Strings, Obfuscated, Url Strings
Manifest
No License
scanned 22 file(s), 1.01 MB of source, external domains: api.telegram.org, claude.com, cline.bot, code.kimi.com, developers.openai.com, geminicli.com, gist.github.com, github.com, host.docker.internal, kilo.ai, moonshotai.github.io, opencode.ai, pi.dev, qwen.ai, raw.githubusercontent.com

Source & flagged code

7 flagged
dist/chunk-6F5ZWTDE.js
L7: // src/lib/ssh.ts
L8: import { spawn } from "child_process";
L9: function shQuote(s) {
High
Child Process

Package source references child process execution.

dist/chunk-6F5ZWTDE.js · L7
dist/chunk-FZTBJF2N.js
L3: // src/lib/proc.ts
L4: import { execa } from "execa";
L5: async function run(file, args = [], opts = {}) {
High
Shell

Package source references shell execution.

dist/chunk-FZTBJF2N.js · L3
dist/cli.js
L2: import {
L3:   execAgenticCapture,
L4:   execAgenticDetached,
...
L236: async function runSolutionOverride(opts) {
L237:   const loaded = resolveSolution({ solutionName: process.env.AGENTIC_SOLUTION || void 0 });
L238:   const name = loaded.config.name;
...
L402:   const repoRootR = await run("git", ["rev-parse", "--show-toplevel"], { cwd: sol2.rootDir, allowFailure: true });
L403:   if (repoRootR.exitCode !== 0 || !repoRootR.stdout) return;
L404:   const repoRoot = repoRootR.stdout;
...
L577:   const r = await run("gh", ["issue", "view", String(issue), "--repo", repo, "--json", fields.join(",")]);
L578:   return JSON.parse(r.stdout);
L579: }
Critical
Command Output Exfiltration

Source executes local commands and sends command output to an external endpoint.

dist/cli.js · L2
Trigger-reachable chain: manifest.bin -> dist/cli.js L2 (same excerpt as the Command Output Exfiltration finding above)
Critical
Trigger Reachable Dangerous Capability

A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.

dist/cli.js · L2
Medium
Install Persistence

Source writes installer persistence such as shell profile or service configuration.

dist/cli.js · L2
Low
Weak Crypto

Package source references weak cryptographic algorithms.

dist/cli.js · L2
templates/infra/bootstrap.sh
path = templates/infra/bootstrap.sh · kind = build_helper · sizeBytes = 6499 · magicHex = [redacted]
Medium
Ships Build Helper

Package ships non-JavaScript build or shell helper files.

templates/infra/bootstrap.sh

Findings

2 Critical · 2 High · 5 Medium · 8 Low

Severity   Category                               File
Critical   Command Output Exfiltration            dist/cli.js
Critical   Trigger Reachable Dangerous Capability dist/cli.js
High       Child Process                          dist/chunk-6F5ZWTDE.js
High       Shell                                  dist/chunk-FZTBJF2N.js
Medium     Network
Medium     Environment Vars
Medium     Install Persistence                    dist/cli.js
Medium     Ships Build Helper                     templates/infra/bootstrap.sh
Medium     Structural Risk Force Deep Review
Low        Non Install Lifecycle Scripts
Low        Scripts Present
Low        Weak Crypto                            dist/cli.js
Low        Filesystem
Low        Obfuscated
Low        High Entropy Strings
Low        Url Strings
Low        No License