Static Scan Results
scanned 3h ago · by rust-scannerStatic analysis flagged 9 finding(s) at 86.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
High-risk behavior combination matched malicious policy.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoEnvironmentVarsFilesystemNetworkShell
HighEntropyStringsUrlStrings
Source & flagged code
2 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = node scripts/install-skill.mjs
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkgscripts/install-skill.mjsView file
1Install-time AI-agent control hijack evidence:
L22: const TARGET_SKILL_ROOTS = [
L23: path.join(".claude", "skills"),
L24: path.join(".agents", "skills"),
L25: path.join(".codex", "skills"),
L26: ];
...
L58: const stamped = text.replace(/^scriptctl_version:.*$/m, `scriptctl_version: "${version}"`);
L59: fs.writeFileSync(skillMdPath, stamped, "utf-8");
L60: } catch {
...
L67: fs.rmSync(target, { recursive: true, force: true });
L68: fs.mkdirSync(path.dirname(target), { recursive: true });
L69: fs.cpSync(skillSrc, target, { recursive: true });
L70: stampVersion(path.join(target, "SKILL.md"), version);
Payload evidence from skills/scriptctl/SKILL.md:
L1: ---
L2: name: scriptctl
Critical
Ai Agent Control Hijack
Install-time source drops package-supplied AI-agent/MCP control files or instructions.
scripts/install-skill.mjsView on unpkg · L1Findings
1 Critical1 High3 Medium4 Low
CriticalAi Agent Control Hijackscripts/install-skill.mjs
HighInstall Time Lifecycle Scriptspackage.json
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings