@miller-tech/uap@1.97.0

⚠ Under review

Autonomous AI agent memory system with CLAUDE.md protocol enforcement

Static Scan Results

scanned 23h ago · by rust-scanner

Static analysis flagged 21 finding(s) at 93.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected; previous stored version diff introduced dangerous source.

Decision evidence

public snapshot
Behavioral surface
Source: ChildProcess, Crypto, DynamicRequire, EnvironmentVars, Eval, Filesystem, Network, Shell, WebSocket
Supply chain: HighEntropyStrings, Telemetry, UrlStrings
Manifest: No manifest risk signals triggered.
scanned 244 file(s), 2.61 MB of source, external domains: 127.0.0.1, 192.168.1.165, api.anthropic.com, api.openai.com, docs.docker.com, git-scm.com, github.com, opencode.ai, raw.githubusercontent.com, www.rtk-ai.app, xxxxxx.aws.cloud.qdrant.io

Source & flagged code

11 flagged
package.json
scripts.postinstall = echo ' ✨ Run: npx @miller-tech/uap init --interactive'
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

tools/agents/scripts/qwen-tool-call-test.js
L8:
L9: import { execFileSync } from 'child_process';
L10: import { dirname, join } from 'path';
High
Child Process

Package source references child process execution.

dist/browser/web-browser.js
L112: // If a string is passed, wrap it in a function
L113: const func = typeof script === 'string' ? new Function('return (' + script + ')()') : script;
L114: return await page.evaluate(func);
Low
Eval

Package source references a known benign dynamic code generation pattern.

tools/agents/scripts/tool-choice-proxy.cjs
L39:
L40: const http = require('http');
L41: const https = require('https');
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/delivery/execution-gate.js
L16: */
L17: import { spawnSync } from 'child_process';
L18: import { createServer } from 'http';
L19: import { createReadStream, existsSync, readdirSync, readFileSync, realpathSync, statSync } from 'fs';
...
L31: const out = {};
L32: for (const [k, v] of Object.entries(process.env)) {
L33: if (/API_KEY|TOKEN|SECRET|PASSWORD|CREDENTIAL/i.test(k))
...
L97: return 'web';
L98: const pkgPath = join(projectRoot, 'package.json');
L99: if (existsSync(pkgPath)) {
L100: try {
L101: const pkg = JSON.parse(readFileSync(pkgPath, 'utf-8'));
Medium
Unsafe Vm Context

Package source executes code through a VM context API.

dist/self-harness/weakness.js
L1: /**
L2: * Self-Harness — Weakness Mining types and stable failure-signature hashing.
Low
Weak Crypto

Package source references weak cryptographic algorithms.

dist/memory/serverless-qdrant.js
L110: getApiKey() {
L111: return this.config.cloudServerless.apiKey || process.env.QDRANT_API_KEY;
L112: }
...
L117: try {
L118: const result = execSync(`curl -s -o /dev/null -w "%{http_code}" http://localhost:${this.config.lazyLocal.port}/health`, { encoding: 'utf-8', timeout: 5000 });
L119: return result.trim() === '200';
High
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution; review context before blocking.

dist/cli/design.js
L25: function runGoogleCli(args) {
L26: const r = spawnSync('npx', ['--yes', '@google/design.md', ...args], { encoding: 'utf-8', timeout: 120_000 });
L27: const stderr = r.stderr || '';
High
Runtime Package Install

Package source invokes a package manager install command at runtime.

tools/agents/migrations/apply.py
path = tools/agents/migrations/apply.py
kind = build_helper
sizeBytes = 9470
magicHex = [redacted]
Medium
Ships Build Helper

Package ships non-JavaScript build or shell helper files.

tools/agents/tests/test_attractor_detection.py
path = tools/agents/tests/test_attractor_detection.py
kind = payload_in_excluded_dir
sizeBytes = 8429
magicHex = [redacted]
High
Payload In Excluded Dir

Package hides binary, compressed, or executable-looking payloads in test/fixture/hidden paths.

dist/cli/deliver.js
matchType = previous_version_dangerous_delta
matchedPackage = @miller-tech/uap@1.90.0
matchedIdentity = npm:QG1pbGxlci10ZWNoL3VhcA:1.90.0
similarity = 0.867
summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.


Findings

1 Critical · 6 High · 6 Medium · 8 Low
Critical · Previous Version Dangerous Delta · dist/cli/deliver.js
High · Install Time Lifecycle Scripts · package.json
High · Child Process · tools/agents/scripts/qwen-tool-call-test.js
High · Shell
High · Same File Env Network Execution · dist/memory/serverless-qdrant.js
High · Runtime Package Install · dist/cli/design.js
High · Payload In Excluded Dir · tools/agents/tests/test_attractor_detection.py
Medium · Dynamic Require · tools/agents/scripts/tool-choice-proxy.cjs
Medium · Unsafe Vm Context · dist/delivery/execution-gate.js
Medium · Network
Medium · Environment Vars
Medium · Ships Build Helper · tools/agents/migrations/apply.py
Medium · Structural Risk Force Deep Review
Low · Non Install Lifecycle Scripts
Low · Scripts Present
Low · Eval · dist/browser/web-browser.js
Low · Weak Crypto · dist/self-harness/weakness.js
Low · Filesystem
Low · High Entropy Strings
Low · Telemetry
Low · Url Strings