registry  /  @jun133/kitty  /  0.0.26

@jun133/kitty@0.0.26

Agent

AI Security Review

scanned 3h ago · by lpm-firewall-ai

No confirmed malicious attack surface. The package is an interactive coding-agent CLI whose privileged tools are activated during explicit runtime use, not installation.

Static reason
No blocking static signals were detected.; previous stored version diff introduced dangerous source
Trigger
User runs `kitty` and submits agent work or explicit CLI commands.
Impact
Can act on the current project and user-selected network targets as advertised, but no unconsented install-time or hidden behavior was found.
Mechanism
User-directed agent orchestration with local shell, file, git, and HTTP tools.
Rationale
Direct inspection shows a benign agent CLI with intentionally broad capabilities during explicit user-driven runtime. Its sole install hook is informational and does not mutate files or contact the network.
Evidence
package.jsonscripts/postinstall.cjsdist/cli.jsdist/chunk-3ZTULS6C.mjsdist/chunk-OVPBQZVC.mjsREADME.md

Decision evidence

public snapshot
AI called this Clean at 96.0% confidence as Benign with low false-positive risk.
Evidence for block
    Evidence against
    • `package.json` postinstall only prints usage guidance.
    • `scripts/postinstall.cjs` has no filesystem, network, or subprocess actions.
    • `dist/cli.js` creates `.kitty` configuration only through explicit `kitty init`.
    • `dist/chunk-3ZTULS6C.mjs` exposes shell, file, and HTTP tools as runtime agent capabilities.
    • Runtime network requests use tool-supplied URLs; no hard-coded exfiltration endpoint was found.
    • No import-time payload, credential harvesting, foreign agent-config mutation, or stealth persistence was found.
    Behavioral surface
    Source
    ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNetworkShellWebSocket
    Supply chain
    HighEntropyStringsUrlStrings
    ManifestNo manifest risk signals triggered.
    scanned 13 file(s), 889 KB of source, external domains: api.cerebras.ai, api.deepseek.com, api.groq.com, api.openai.com, api.telegram.org, apihub.agnes-ai.com, code.ylsagi.com, generativelanguage.googleapis.com, integrate.api.nvidia.com, w.ciykj.cn, www.apache.org
    Oversized source lightweight scan
    dist/cli.js10.3 MB file, sampled 256 KB
    FilesystemNetworkChildProcessEnvironmentVarsCryptoWebSocketDynamicRequireHighEntropyStringsUrlStringsapi.cerebras.aiapi.deepseek.comapi.groq.comapi.openai.comapi.telegram.orgapihub.agnes-ai.comcode.ylsagi.comgenerativelanguage.googleapis.comintegrate.api.nvidia.comw.ciykj.cnwww.apache.org

    Source & flagged code

    5 flagged · loading source
    package.jsonView file
    scripts.postinstall = node scripts/postinstall.cjs
    High
    Install Time Lifecycle Scripts

    Package defines install-time lifecycle scripts.

    package.jsonView on unpkg
    dist/chunk-NARZ6UPR.mjsView file
    119const command = typeof payload?.command === "string" ? payload.command : "command"; L120: const exitCode = typeof payload?.exitCode === "number" ? payload.exitCode : "unknown"; L121: return `bash ${truncate(oneLine2(command), 120)} (exit ${exitCode})`; ... L158: try { L159: const parsed = JSON.parse(raw); L160: return parsed && typeof parsed === "object" && !Array.isArray(parsed) ? parsed : null; ... L407: transport: "standard", L408: defaultBaseUrl: "https://api.deepseek.com", L409: requestTimeoutMs: DEFAULT_REQUEST_TIMEOUT_MS,
    Low
    Weak Crypto

    Package source references weak cryptographic algorithms.

    dist/chunk-NARZ6UPR.mjsView on unpkg · L119
    dist/cli.jsView file
    path = dist/cli.js kind = oversized_source_file sizeBytes = 10820752 magicHex = [redacted]
    High
    Oversized Source File

    Package contains source files above the static scanner size ceiling.

    dist/cli.jsView on unpkg
    path = dist/cli.js kind = oversized_cli_entrypoint sizeBytes = 10820752 magicHex = [redacted]
    Medium
    Oversized Cli Entrypoint

    Package contains an oversized executable-looking CLI entrypoint.

    dist/cli.jsView on unpkg
    dist/chunk-3ZTULS6C.mjsView file
    matchType = previous_version_dangerous_delta matchedPackage = @jun133/kitty@0.0.25 matchedIdentity = npm:QGp1bjEzMy9raXR0eQ:0.0.25 similarity = 0.538 summary = stored previous version shares package body but lacks this dangerous source file
    High
    Previous Version Dangerous Delta

    This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

    dist/chunk-3ZTULS6C.mjsView on unpkg

    Findings

    3 High5 Medium6 Low
    HighInstall Time Lifecycle Scriptspackage.json
    HighOversized Source Filedist/cli.js
    HighPrevious Version Dangerous Deltadist/chunk-3ZTULS6C.mjs
    MediumDynamic Require
    MediumNetwork
    MediumEnvironment Vars
    MediumOversized Cli Entrypointdist/cli.js
    MediumStructural Risk Force Deep Review
    LowNon Install Lifecycle Scripts
    LowScripts Present
    LowWeak Cryptodist/chunk-NARZ6UPR.mjs
    LowFilesystem
    LowHigh Entropy Strings
    LowUrl Strings