registry  /  @nuucognition/flint-cli  /  0.6.0-dev.17

@nuucognition/flint-cli@0.6.0-dev.17

Flint cognitive workspace CLI

Static Scan Results

scanned 4h ago · by rust-scanner

Static analysis flagged 11 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNetworkShell
Supply chain
HighEntropyStringsUrlStrings
Manifest
NoLicense
scanned 3 file(s), 262 KB of source, external domains: 127.0.0.1
Oversized source lightweight scan
dist/index.js10.0 MB file, sampled 256 KB
FilesystemNetworkChildProcessEnvironmentVarsCryptoShellHighEntropyStringsUrlStrings127.0.0.1

Source & flagged code

3 flagged · loading source
package.jsonView file
scripts.postinstall = node ./scripts/fix-node-pty-perms.mjs
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
bin/flint-prod.jsView file
9process.env.FLINT_CLI_ENTRYPOINT ??= entrypoint; L10: await import(pathToFileURL(entrypoint).href);
Medium
Dynamic Require

Package source references dynamic require/import behavior.

bin/flint-prod.jsView on unpkg · L9
dist/index.jsView file
path = dist/index.js kind = oversized_source_file sizeBytes = 10532760 magicHex = [redacted]
High
Oversized Source File

Package contains source files above the static scanner size ceiling.

dist/index.jsView on unpkg

Findings

2 High4 Medium5 Low
HighInstall Time Lifecycle Scriptspackage.json
HighOversized Source Filedist/index.js
MediumDynamic Requirebin/flint-prod.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNo License