@nexrall/code-core@1.4.2

Core agent loop, tools, and extension primitives for Nexrall Code — embed an AI coding agent in any Node.js application.

Static Scan Results

scanned 2d ago · by rust-scanner

Static analysis flagged 12 finding(s) at 93.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected; the diff against the previous stored version introduced dangerous source.

Decision evidence (public snapshot)

Behavioral surface
  Source: ChildProcess, Crypto, DynamicRequire, EnvironmentVars, Filesystem, Network
  Supply chain: HighEntropyStrings, UrlStrings
  Manifest: No manifest risk signals triggered.

Scanned 25 file(s), 362 KB of source. External domains referenced: 169.254.169.254, api.nexrall.com, codeload.github.com, nexrall.com

Source & flagged code

4 flagged
dist/tools/tsLangService.js
  L41: exports._resetTsServiceCache = _resetTsServiceCache;
  L42: const path = __importStar(require("path"));
  L43: const fs = __importStar(require("fs"));

Medium · Dynamic Require
Package source references dynamic require/import behavior.
Location: dist/tools/tsLangService.js, L41
dist/checkpoint/manager.js
  L42: const crypto = __importStar(require("crypto"));
  L43: const child_process_1 = require("child_process");
  L44: // ─── Checkpoint / Rewind ────────────────────────────────────────────────────
  ...
  L133: // polluting the real ~/.nexrall/checkpoints).
  L134: const base = process.env.NEXRALL_CHECKPOINT_DIR || path.join(os.homedir(), '.nexrall', 'checkpoints');
  L135: this.storeDir = path.join(base, key);
  ...
  L221: return null;
  L222: const hash = (r.stdout ?? '').trim();
  L223: // Empty output = clean tree (nothing to snapshot). A dangling commit is
  ...
  L332: existed: s.existed,
  L333: content: s.content ? s.content.toString('base64') : null,
  L334: })),

Low · Weak Crypto
Package source references weak cryptographic algorithms.
Location: dist/checkpoint/manager.js, L42
dist/tools/executor.js
  L39: const os = __importStar(require("os"));
  L40: const https = __importStar(require("https"));
  L41: const http = __importStar(require("http"));
  L42: const dns = __importStar(require("dns"));
  L43: const child_process_1 = require("child_process");
  L44: const sandbox_1 = require("./sandbox");
  ...
  L59: // cause or a failing assertion lives. To make the full log recoverable WITHOUT
  L60: // bloating the model context, we stream the complete stdout+stderr to a temp file
  L61: // (bounded by MAX_SPILL_BYTES) and tell the model it can `read_file` that path with
  ...
  L165: function resolvePath(inputPath, workDir) {
  L166: const base = workDir ?? process.cwd();
  L167: const resolved = path.isAbsolute(inputPath)

High · Cloud Metadata Access
Source reaches cloud instance metadata or link-local credential endpoints.
Location: dist/tools/executor.js, L39
matchType = previous_version_dangerous_delta
matchedPackage = @nexrall/code-core@1.4.1
matchedIdentity = npm:QG5leHJhbGwvY29kZS1jb3Jl:1.4.1
similarity = 0.875
summary = stored previous version shares package body but lacks this dangerous source file

High · Previous Version Dangerous Delta
This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
Location: dist/tools/executor.js

Findings

2 High · 4 Medium · 6 Low

High    Cloud Metadata Access              dist/tools/executor.js
High    Previous Version Dangerous Delta   dist/tools/executor.js
Medium  Dynamic Require                    dist/tools/tsLangService.js
Medium  Network
Medium  Environment Vars
Medium  Structural Risk Force Deep Review
Low     Non Install Lifecycle Scripts
Low     Scripts Present
Low     Weak Crypto                        dist/checkpoint/manager.js
Low     Filesystem
Low     High Entropy Strings
Low     Url Strings