registry  /  @pentoshi/clai  /  2.0.31

@pentoshi/clai@2.0.31

⚠ Under review

A fast, cross-platform AI CLI assistant with ask and agent modes for shell tasks, file operations, and cybersecurity workflows.

Static Scan Results

scanned 14d ago · by rust-scanner

Static analysis flagged 11 finding(s) at 93.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNativeBindingsNetworkShell
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 130 file(s), 1.14 MB of source, external domains: agentrouter.org, api.anthropic.com, api.github.com, api.groq.com, api.openai.com, bedrock-mantle.ap-south-1.api.aws, example.com, generativelanguage.googleapis.com, github.com, html.duckduckgo.com, integrate.api.nvidia.com, llm.kimchi.dev, openrouter.ai, router.bynara.id

Source & flagged code

3 flagged · loading source
dist/store/keys.jsView file
34try { L35: const imported = (await import(keychainModuleName)); L36: cachedKeytar = imported.default ?? imported;
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/store/keys.jsView on unpkg · L34
dist/tools/web/ssrf-guard.jsView file
2* SSRF guard — classifies an address (or hostname literal) as L3: * private/loopback/link-local/cloud-metadata/CGNAT. Single source of truth L4: * for address classification: `web.fetch` (classifier branch + per-hop ... L7: */ L8: import net from "node:net"; L9: /**
High
Cloud Metadata Access

Source reaches cloud instance metadata or link-local credential endpoints.

dist/tools/web/ssrf-guard.jsView on unpkg · L2
dist/agent/tool-call-parser.jsView file
matchType = previous_version_dangerous_delta matchedPackage = @pentoshi/clai@2.0.27 matchedIdentity = npm:QHBlbnRvc2hpL2NsYWk:2.0.27 similarity = 0.829 summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version.

dist/agent/tool-call-parser.jsView on unpkg

Findings

1 Critical1 High4 Medium5 Low
CriticalPrevious Version Dangerous Deltadist/agent/tool-call-parser.js
HighCloud Metadata Accessdist/tools/web/ssrf-guard.js
MediumDynamic Requiredist/store/keys.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings