Lotics SDK and CLI for AI agents
Static analysis flagged 16 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Package source references child process execution.
dist/app_commands.jsView on unpkg · L15A single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/src/cli.jsView on unpkg · L31515Source contains an obfuscator-style string-array loader that reconstructs and executes hidden code.
dist/src/cli.jsView on unpkg · L400Package source references a known benign dynamic code generation pattern.
dist/src/cli.jsView on unpkg · L10240Package source references dynamic require/import behavior.
dist/app_workflow_check.jsView on unpkg · L86Package source invokes a package manager install command at runtime.
dist/dev/server.jsView on unpkg · L4Package source references child process execution.
dist/app_commands.jsView on unpkg · L15A single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/src/cli.jsView on unpkg · L31515Source contains an obfuscator-style string-array loader that reconstructs and executes hidden code.
dist/src/cli.jsView on unpkg · L400Package source invokes a package manager install command at runtime.
dist/dev/server.jsView on unpkg · L4Package source references a known benign dynamic code generation pattern.
dist/src/cli.jsView on unpkg · L10240Package source references dynamic require/import behavior.
dist/app_workflow_check.jsView on unpkg · L86