registry  /  @oneie/cli  /  0.10.0

@oneie/cli@0.10.0

⚠ Under review

ONE agent CLI

Static Scan Results

scanned 7d ago · by rust-scanner

Static analysis flagged 16 finding(s) at 93.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessDynamicRequireEnvironmentVarsFilesystemNetworkShell
Supply chain
HighEntropyStringsUrlStrings
Manifest
NoLicense
scanned 41 file(s), 210 KB of source, external domains: agentverse.ai, api.anthropic.com, api.github.com, api.one.ie, channels.one.ie, one.ie, pay.one.ie

Source & flagged code

5 flagged · loading source
dist/src/create.jsView file
3import { resolve, join } from 'node:path'; L4: import { spawnSync } from 'node:child_process'; L5: const SAFE_REF = /^[A-Za-z0-9._/-]+$/;
High
Child Process

Package source references child process execution.

dist/src/create.jsView on unpkg · L3
dist/src/plugin.jsView file
matchType = previous_version_dangerous_delta matchedPackage = @oneie/cli@0.6.0 matchedIdentity = npm:QG9uZWllL2NsaQ:0.6.0 similarity = 0.923 summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

dist/src/plugin.jsView on unpkg
2import { mkdirSync } from 'node:fs'; L3: import { spawnSync } from 'node:child_process'; L4: function out(cmd, data) { L5: if (process.env.ONEIE_JSON) { L6: process.stdout.write(JSON.stringify({ cmd, ...data }) + '\n'); ... L17: function apiBase(opts) { L18: return opts.api ?? process.env.ONEIE_BASE_URL ?? 'https://one.ie'; L19: }
High
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution; review context before blocking.

dist/src/plugin.jsView on unpkg · L2
2import { mkdirSync } from 'node:fs'; L3: import { spawnSync } from 'node:child_process'; L4: function out(cmd, data) { L5: if (process.env.ONEIE_JSON) { L6: process.stdout.write(JSON.stringify({ cmd, ...data }) + '\n'); L7: } ... L17: function apiBase(opts) { L18: return opts.api ?? process.env.ONEIE_BASE_URL ?? 'https://one.ie'; L19: }
High
Command Output Exfiltration

Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.

dist/src/plugin.jsView on unpkg · L2
dist/src/skill.jsView file
74.description('Import a skill from URL, npm, or github shorthand') L75: .option('--slug <slug>', 'Owner slug', process.env.ONEIE_SLUG ?? 'local') L76: .option('--price <usd>', 'Price USD', '0.02') ... L79: .action(async (ref, opts) => { L80: const keyFile = resolve(homedir(), '.config', 'oneie', 'key'); L81: const token = process.env.ONEIE_API_KEY ?? (existsSync(keyFile) ? readFileSync(keyFile, 'utf8').trim() : ''); ... L85: } L86: const baseUrl = process.env.ONEIE_BASE_URL ?? 'https://one.ie'; L87: try { ... L90: headers: { 'Content-Type': 'application/json', Authorization: `Bearer ${token}` }, L91: body: JSON.stringify({ ref, slug: opts.slug, price: Number(opts.price), name: opts.name }), L92: });
High
Credential Exfiltration

Source combines credential-like environment material and outbound requests; review data flow before blocking.

dist/src/skill.jsView on unpkg · L74

Findings

1 Critical5 High4 Medium6 Low
CriticalPrevious Version Dangerous Deltadist/src/plugin.js
HighChild Processdist/src/create.js
HighShell
HighSame File Env Network Executiondist/src/plugin.js
HighCredential Exfiltrationdist/src/skill.js
HighCommand Output Exfiltrationdist/src/plugin.js
MediumDynamic Require
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNo License