registry  /  @monoes/monomindcli  /  1.18.0

@monoes/monomindcli@1.18.0

⚠ Under review

Monomind CLI - Enterprise AI agent orchestration with 60+ specialized agents, swarm coordination, MCP server, self-learning hooks, and vector memory for Claude Code

Static Scan Results

scanned 7d ago · by rust-scanner

Static analysis flagged 27 finding(s) at 93.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsEvalFilesystemNetworkShellWebSocket
Supply chain
HighEntropyStringsUrlStrings
Manifest
WildcardDependency
scanned 371 file(s), 4.84 MB of source, external domains: 127.0.0.1, a2a-protocol.org, accounts.google.com, api.anthropic.com, api.osv.dev, api.pinata.cloud, api.web3.storage, cdn.jsdelivr.net, cli.github.com, cloud.google.com, cloudflare-ipfs.com, dweb.link, gateway.pinata.cloud, gemini.google.com, generativelanguage.googleapis.com, git-scm.com, github.com, hub.docker.com, ipfs.io, login.microsoftonline.com, nodejs.org, pinata.cloud, registry.npmjs.org, services.nvd.nist.gov, storage.googleapis.com, w3s.link, web3.storage, www.instagram.com, www.linkedin.com, www.w3.org, x.com

Source & flagged code

18 flagged · loading source
README.mdView file
isSafe('Ignore all previous instructions'); // → false (~0.04ms)
High
Ai Reviewer Manipulation

Package text addresses the security reviewer or scanner and tries to influence the review outcome.

README.mdView on unpkg
dist/src/mcp-tools/quality/security-compliance/detect-secrets.jsView file
282patternName = generic_password severity = medium line = 282 matchedText = password...er',
Medium
Secret Pattern

Package contains a possible secret pattern.

dist/src/mcp-tools/quality/security-compliance/detect-secrets.jsView on unpkg · L282
dist/workflow/builtin-handlers.jsView file
68var node_path_1 = require("node:path"); L69: var node_child_process_1 = require("node:child_process"); L70: // Call npx monomind browse <args> and return stdout. Never throws.
High
Child Process

Package source references child process execution.

dist/workflow/builtin-handlers.jsView on unpkg · L68
68var node_path_1 = require("node:path"); L69: var node_child_process_1 = require("node:child_process"); L70: // Call npx monomind browse <args> and return stdout. Never throws. L71: function browseCmd(args, timeoutMs) {
High
Runtime Package Install

Package source invokes a package manager install command at runtime.

dist/workflow/builtin-handlers.jsView on unpkg · L68
dist/src/init/statusline-generator.jsView file
186L187: const raw = safeExec(\`sh -c '\${script}'\`, 3000); L188: if (!raw) return result;
High
Shell

Package source references shell execution.

dist/src/init/statusline-generator.jsView on unpkg · L186
41const path = require('path'); L42: const { execSync } = require('child_process'); L43: const os = require('os'); ... L49: L50: const CWD = process.env.CLAUDE_PROJECT_DIR || process.cwd(); L51: L52: // Read monomind version — check global install first, then CWD package.json L53: function getVersion() { ... L66: if (!pkgStat || pkgStat.size > 1024 * 1024) continue; L67: const pkg = JSON.parse(fs.readFileSync(p, 'utf-8')); L68: if (pkg.version && (pkg.name === 'monomind' || pkg.name === '@monomind/cli' || (pkg.name || '').startsWith('@monomind'))) { ... L1268: if (!options.statusline.enabled) {
Medium
Install Persistence

Source writes installer persistence such as shell profile or service configuration.

dist/src/init/statusline-generator.jsView on unpkg · L41
dist/src/workflow/condition-evaluator.jsView file
78// eslint-disable-next-line @typescript-eslint/no-implied-eval L79: const fn = new Function(`"use strict"; return (${resolved});`); L80: return Boolean(fn());
Low
Eval

Package source references a known benign dynamic code generation pattern.

dist/src/workflow/condition-evaluator.jsView on unpkg · L78
dist/dashboard/server.jsView file
5exports.getDashboard = getDashboard; L6: var node_http_1 = require("node:http"); L7: var node_fs_1 = require("node:fs");
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/dashboard/server.jsView on unpkg · L5
dist/src/commands/providers.jsView file
33], L34: data: [ L35: { provider: 'Anthropic', type: 'LLM', models: 'claude-3.5-sonnet, opus', status: output.success('Active') }, ... L67: output.printError('Provider name is required. Use -p <name> or pass as first argument.'); L68: return { success: false, exitCode: 1 }; L69: } L70: const cwd = process.cwd(); L71: const config = configManager.getConfig(cwd); ... L146: test: async () => { L147: const key = process.env.ANTHROPIC_API_KEY || getConfigApiKey('anthropic'); L148: if (key) ... L174: const entry = configuredProviders.find((p) => typeof p.name === 'string' && p.name.toLowerCase() === 'ollama');
High
Cloud Metadata Access

Source reaches cloud instance metadata or link-local credential endpoints.

dist/src/commands/providers.jsView on unpkg · L33
dist/src/mcp-tools/agentdb-tools.jsView file
530package = @monoes/monomindcli; repositoryIdentity = monomind; dependency = @monomind/security L530: try { L531: const secMod = await import('@monomind/security').catch(() => null); L532: const validateExternalContent = secMod?.validateExternalContent;
High
Copied Package Dependency Bridge

Package metadata claims a different repository identity while copied source loads a runtime dependency bridge.

dist/src/mcp-tools/agentdb-tools.jsView on unpkg · L530
scripts/sync-claude-assets.shView file
path = scripts/sync-claude-assets.sh kind = build_helper sizeBytes = 1014 magicHex = [redacted]
Medium
Ships Build Helper

Package ships non-JavaScript build or shell helper files.

scripts/sync-claude-assets.shView on unpkg
dist/src/init/executor.jsView file
matchType = previous_version_dangerous_delta matchedPackage = @monoes/monomindcli@1.17.0 matchedIdentity = npm:QG1vbm9lcy9tb25vbWluZGNsaQ:1.17.0 similarity = 0.750 summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

dist/src/init/executor.jsView on unpkg
.claude/agents/core/reviewer.mdView file
85patternName = generic_password severity = medium line = 85 matchedText = console....rd);
Medium
Secret Pattern

Hardcoded password in .claude/agents/core/reviewer.md

.claude/agents/core/reviewer.mdView on unpkg · L85
.claude/agents/testing/testing-api-tester.mdView file
78patternName = generic_password severity = medium line = 78 matchedText = password...ord'
Medium
Secret Pattern

Hardcoded password in .claude/agents/testing/testing-api-tester.md

.claude/agents/testing/testing-api-tester.mdView on unpkg · L78
.claude/agents/testing/testing-performance-benchmarker.mdView file
94patternName = generic_password severity = medium line = 94 matchedText = password...123'
Medium
Secret Pattern

Hardcoded password in .claude/agents/testing/testing-performance-benchmarker.md

.claude/agents/testing/testing-performance-benchmarker.mdView on unpkg · L94
.claude/agents/sparc/refinement.mdView file
41patternName = generic_password severity = medium line = 41 matchedText = password...23!'
Medium
Secret Pattern

Hardcoded password in .claude/agents/sparc/refinement.md

.claude/agents/sparc/refinement.mdView on unpkg · L41
69patternName = generic_password severity = medium line = 69 matchedText = password...ord'
Medium
Secret Pattern

Hardcoded password in .claude/agents/sparc/refinement.md

.claude/agents/sparc/refinement.mdView on unpkg · L69
245patternName = generic_password severity = medium line = 245 matchedText = passwo...
Medium
Secret Pattern

Hardcoded password in .claude/agents/sparc/refinement.md

.claude/agents/sparc/refinement.mdView on unpkg · L245

Findings

1 Critical6 High14 Medium6 Low
CriticalPrevious Version Dangerous Deltadist/src/init/executor.js
HighAi Reviewer ManipulationREADME.md
HighChild Processdist/workflow/builtin-handlers.js
HighShelldist/src/init/statusline-generator.js
HighCloud Metadata Accessdist/src/commands/providers.js
HighCopied Package Dependency Bridgedist/src/mcp-tools/agentdb-tools.js
HighRuntime Package Installdist/workflow/builtin-handlers.js
MediumSecret Patterndist/src/mcp-tools/quality/security-compliance/detect-secrets.js
MediumDynamic Requiredist/dashboard/server.js
MediumNetwork
MediumEnvironment Vars
MediumInstall Persistencedist/src/init/statusline-generator.js
MediumShips Build Helperscripts/sync-claude-assets.sh
MediumStructural Risk Force Deep Review
MediumWildcard Dependency
MediumSecret Pattern.claude/agents/core/reviewer.md
MediumSecret Pattern.claude/agents/testing/testing-api-tester.md
MediumSecret Pattern.claude/agents/testing/testing-performance-benchmarker.md
MediumSecret Pattern.claude/agents/sparc/refinement.md
MediumSecret Pattern.claude/agents/sparc/refinement.md
MediumSecret Pattern.claude/agents/sparc/refinement.md
LowNon Install Lifecycle Scripts
LowScripts Present
LowEvaldist/src/workflow/condition-evaluator.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings