registry  /  @jait/gateway  /  0.1.575

@jait/gateway@0.1.575

⚠ Under review

Jait AI gateway — local-first AI coding agent with terminal, filesystem, and browser control

Static Scan Results

scanned 2h ago · by rust-scanner

Static analysis flagged 18 finding(s) at 86.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
High-risk behavior combination matched malicious policy.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsEvalFilesystemNativeBindingsNetworkShellWebSocket
Supply chain
HighEntropyStringsMinifiedObfuscatedUrlStrings
ManifestNo manifest risk signals triggered.
scanned 628 file(s), 14.5 MB of source, external domains: 127.0.0.1, 192.168.178.53, accounts.google.com, api.bitbucket.org, api.botframework.com, api.elevenlabs.io, api.github.com, api.moonshot.ai, api.openai.com, api.perplexity.ai, api.search.brave.com, api.telegram.org, api.x.ai, chevrotain.io, clawhub.ai, dev.azure.com, en.wikipedia.org, generativelanguage.googleapis.com, github.com, gmail.googleapis.com, graph.microsoft.com, ipapi.co, jquery.org, langium.org, login.botframework.com, login.microsoftonline.com, oauth2.googleapis.com, openrouter.ai, react.dev, sts.windows.net, tldrlegal.com, wttr.in, www.googleapis.com, www.w3.org
Oversized source lightweight scan
web-dist/assets/index-Clcqg1fE.js3.14 MB file, sampled 256 KB
NetworkWebSocketHighEntropyStringsMinifiedUrlStringsreact.dev

Source & flagged code

10 flagged · loading source
web-dist/assets/blade-BjGOyj-B.jsView file
1import e from"./html-derivative-DlHx6ybY.js";import t from"./html-pp8916En.js";import n from"./xml-sdJ4AIDG.js";import a from"./sql-BLtJtn59.js";import r from"./javascript-wDzz0qaB... L2: //# sourceMappingURL=blade-BjGOyj-B.js.map
High
Child Process

Package source references child process execution.

web-dist/assets/blade-BjGOyj-B.jsView on unpkg · L1
bin/jait.mjsView file
637L638: const execArgs = [nodePath, jaitBin]; L639: if (existsSync(envFlag)) execArgs.push("--env", envFlag);
High
Shell

Package source references shell execution.

bin/jait.mjsView on unpkg · L637
dist/tools/screenshot-tools.jsView file
57try { L58: const loadPlaywright = new Function("return import('playwright')"); L59: const mod = (await loadPlaywright());
High
Eval

Package source references dynamic code evaluation.

dist/tools/screenshot-tools.jsView on unpkg · L57
web-dist/assets/ruby-Wjq7vjNf.jsView file
1import e from"./html-pp8916En.js";import n from"./haml-D5jkg6IW.js";import t from"./xml-sdJ4AIDG.js";import a from"./sql-BLtJtn59.js";import r from"./graphql-ChdNCCLP.js";import i ... L2: //# sourceMappingURL=ruby-Wjq7vjNf.js.map
Medium
Dynamic Require

Package source references dynamic require/import behavior.

web-dist/assets/ruby-Wjq7vjNf.jsView on unpkg · L1
dist/tools/redeploy-tools.jsView file
101log(`🐤 Starting canary on port ${canaryPort}...\n`); L102: const canary = spawn("jait", ["--port", String(canaryPort)], { L103: stdio: "ignore", L104: detached: true, L105: env: { ...process.env, PORT: String(canaryPort), __JAIT_CLI: "1" }, L106: windowsHide: true, ... L108: canary.unref(); L109: const healthy = await waitForHealth(`http://127.0.0.1:${canaryPort}`, 30_000); L110: if (!healthy) {
High
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution; review context before blocking.

dist/tools/redeploy-tools.jsView on unpkg · L101
6* **systemd** (detected when INVOCATION_ID is set): L7: * 1. npm install -g @jait/gateway@latest L8: * 2. Spawn canary on PORT+1, health-check it ... L19: */ L20: import { execSync, spawn } from "node:child_process"; L21: export function createRedeployTool(deps) {
High
Runtime Package Install

Package source invokes a package manager install command at runtime.

dist/tools/redeploy-tools.jsView on unpkg · L6
dist/tools/browser-tools.jsView file
4const DEFAULT_BROWSER_ID = "browser-default"; L5: const DEFAULT_OPENAI_BASE_URL = "https://api.openai.com/v1"; L6: const DEFAULT_OPENAI_WEB_SEARCH_MODEL = "gpt-5"; ... L131: message: `Navigated to ${snapshot.url}`, L132: data: buildSnapshotPayload(surface.id, snapshot, session), L133: }; ... L362: const timeout = setTimeout(() => controller.abort(), timeoutMs); L363: const ignoreTlsErrors = input.ignoreTlsErrors === true || process.env["WEB_FETCH_IGNORE_TLS_ERRORS"] === "true"; L364: try { ... L370: }, ignoreTlsErrors); L371: const text = await response.text(); L372: return {
Critical
Credential Exfiltration

Source appears to send environment or credential material to an external endpoint.

dist/tools/browser-tools.jsView on unpkg · L4
web-dist/noVNC/app/images/icons/MakefileView file
path = web-[redacted] kind = build_helper sizeBytes = 1331 magicHex = [redacted]
Medium
Ships Build Helper

Package ships non-JavaScript build or shell helper files.

web-dist/noVNC/app/images/icons/MakefileView on unpkg
web-dist/noVNC/app/sounds/bell.ogaView file
path = web-dist/noVNC/app/sounds/bell.oga kind = high_entropy_blob sizeBytes = 8495 magicHex = [redacted]
High
Ships High Entropy Blob

Package ships high-entropy non-source blobs.

web-dist/noVNC/app/sounds/bell.ogaView on unpkg
web-dist/assets/index-Clcqg1fE.jsView file
path = web-dist/assets/index-Clcqg1fE.js kind = oversized_source_file sizeBytes = 3297741 magicHex = [redacted]
High
Oversized Source File

Package contains source files above the static scanner size ceiling.

web-dist/assets/index-Clcqg1fE.jsView on unpkg

Findings

1 Critical7 High5 Medium5 Low
CriticalCredential Exfiltrationdist/tools/browser-tools.js
HighChild Processweb-dist/assets/blade-BjGOyj-B.js
HighShellbin/jait.mjs
HighEvaldist/tools/screenshot-tools.js
HighSame File Env Network Executiondist/tools/redeploy-tools.js
HighRuntime Package Installdist/tools/redeploy-tools.js
HighShips High Entropy Blobweb-dist/noVNC/app/sounds/bell.oga
HighOversized Source Fileweb-dist/assets/index-Clcqg1fE.js
MediumDynamic Requireweb-dist/assets/ruby-Wjq7vjNf.js
MediumNetwork
MediumEnvironment Vars
MediumShips Build Helperweb-dist/noVNC/app/images/icons/Makefile
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings