registry  /  @miracleplus/mplus  /  0.5.13

@miracleplus/mplus@0.5.13

⚠ Under review

奇绩创坛命令行工具(mplus CLI)

Static Scan Results

scanned 5d ago · by rust-scanner

Static analysis flagged 12 finding(s) at 86.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
High-risk behavior combination matched malicious policy.

Decision evidence

public snapshot
Behavioral surface
Source
DynamicRequireFilesystemNetwork
Supply chain
HighEntropyStringsMinifiedObfuscatedUrlStrings
ManifestNo manifest risk signals triggered.
scanned 46 file(s), 356 KB of source, external domains: api-staging.miracleplus.com, api.miracleplus.com, apply-staging.miracleplus.com, apply.miracleplus.com, build-staging.miracleplus.com, build.miracleplus.com, github.com

Source & flagged code

4 flagged · loading source
package.jsonView file
scripts.postinstall = node scripts/postinstall-skills.js
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
bin/mplus.jsView file
3// tsc --watch 会反复重写 dist/index.js,但本文件不受影响。 L4: require('../dist/index.js');
Medium
Dynamic Require

Package source references dynamic require/import behavior.

bin/mplus.jsView on unpkg · L3
dist/registry.jsView file
1'use strict';function _0x5ac9(){var _0x3f0d0e=['mtqWntu5sLPirgPm','mtm2C1jnzfb4','mta0ntmZnZbrzgrHAKi','ne1OEgXMsG','y29TBwfUzfjVBgvZ','ode2nZuWB0Dxu3jq','zgvMAw5LuhjVCgvYDhK','mtC...
High
Obfuscated Payload Loader

Source contains an obfuscator-style string-array loader that reconstructs and executes hidden code.

dist/registry.jsView on unpkg · L1
scripts/postinstall-skills.jsView file
3Install-time AI-agent control hijack evidence: L5: * 分发两类资源到用户级目录(父目录存在才铺,不凭空创建): L6: * - skills/ → ~/.agents/skills/(通用,总是)+ ~/.claude/skills/(Claude Code,若 ~/.claude 存在) L7: * - commands/ → ~/.claude/commands/(Claude Code 斜杠命令,若 ~/.claude 存在) L8: * + ~/.codex/prompts/(Codex 自定义命令,若 ~/.codex 存在) L9: */ ... L28: function copyDirSync(src, dest) { L29: fs.mkdirSync(dest, { recursive: true }); L30: for (const entry of fs.readdirSync(src, { withFileTypes: true })) { ... L33: if (entry.isDirectory()) copyDirSync(srcPath, destPath); L34: else fs.copyFileSync(srcPath, destPath); L35: } ... L52: for (const target of targets) { Payload evidence from skills/mplus-reports/SKILL.md: L3: description: "奇绩创坛 DS 报告数据源:按日期区间拉「13 渠道」线索聚合(手机号 contacts + 企微 soc_channel_users)。当用户要统计奇绩线索来源、做周期/同比分析、或生成「线索来源周期对比报告」(DS 报告) 时使用。CLI 只出原始计数——渠道归类、跨源聚合、6 时段周期日历全部由你(AI)按本 skill 规... L4: metadata: L5: requires:
Critical
Ai Agent Control Hijack

Install-time source drops package-supplied AI-agent/MCP control files or instructions.

scripts/postinstall-skills.jsView on unpkg · L3

Findings

1 Critical3 High3 Medium5 Low
CriticalAi Agent Control Hijackscripts/postinstall-skills.js
HighInstall Time Lifecycle Scriptspackage.json
HighObfuscated Payload Loaderdist/registry.js
HighObfuscated
MediumDynamic Requirebin/mplus.js
MediumNetwork
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings