registry  /  @ottocode/sdk  /  0.1.349

@ottocode/sdk@0.1.349

AI agent SDK for building intelligent assistants - tree-shakable and comprehensive

Static Scan Results

scanned 2h ago · by rust-scanner

Static analysis flagged 10 finding(s) at 93.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNetworkShellWebSocket
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 162 file(s), 1015 KB of source, external domains: accounts.x.ai, ai.google.dev, api-docs.deepseek.com, api.anthropic.com, api.deepseek.com, api.github.com, api.githubcopilot.com, api.kimi.com, api.meta.ai, api.minimax.io, api.moonshot.ai, api.openai.com, api.ottorouter.org, api.x.ai, api.z.ai, auth.kimi.com, auth.openai.com, auth.x.ai, chatgpt.com, cli-chat-proxy.grok.com, dev.meta.ai, docs.anthropic.com, docs.baseten.co, docs.github.com, docs.ollama.com, docs.wafer.ai, docs.x.ai, docs.z.ai, github.com, html.duckduckgo.com, huggingface.co, inference.baseten.co, ollama.com, opencode.ai, openrouter.ai, ottocode.io, ottorouter.org, pass.wafer.ai, platform.claude.com, platform.kimi.ai, platform.minimax.io, platform.openai.com, raw.githubusercontent.com, router.huggingface.co

Source & flagged code

3 flagged · loading source
src/config/src/paths.tsView file
280L281: async function loadFsPromises(): Promise<typeof import('node:fs/promises')> { L282: return Function('specifier', 'return import(specifier)')('node:fs/promises');
Medium
Dynamic Require

Package source references dynamic require/import behavior.

src/config/src/paths.tsView on unpkg · L280
src/auth/src/oauth.tsView file
1import { spawn } from 'node:child_process'; L2: import { randomBytes, createHash } from 'node:crypto'; ... L5: const CLAUDE_CLI_VERSION = '1.0.61'; L6: const OAUTH_TOKEN_ENDPOINT = 'https://platform.claude.com/v1/oauth/token'; L7: const OAUTH_REDIRECT_URI = 'https://platform.claude.com/oauth/code/callback'; ... L12: function generatePKCE() { L13: // Generate random verifier (43-128 characters, base64url encoded) L14: const verifier = randomBytes(32) ... L31: async function openBrowser(url: string) { L32: const platform = process.platform; L33: let command: string; ... L51: if (code === 0) resolve();
High
Sandbox Evasion Gated Capability

Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.

src/auth/src/oauth.tsView on unpkg · L1
src/core/src/tools/bin-manager.tsView file
matchType = previous_version_dangerous_delta matchedPackage = @ottocode/sdk@0.1.348 matchedIdentity = npm:QG90dG9jb2RlL3Nkaw:0.1.348 similarity = 0.917 summary = stored previous version shares package body but lacks this dangerous source file
High
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

src/core/src/tools/bin-manager.tsView on unpkg

Findings

2 High4 Medium4 Low
HighSandbox Evasion Gated Capabilitysrc/auth/src/oauth.ts
HighPrevious Version Dangerous Deltasrc/core/src/tools/bin-manager.ts
MediumDynamic Requiresrc/config/src/paths.ts
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings