registry  /  @promptbook/node  /  0.113.0-4

@promptbook/node@0.113.0-4

Promptbook: Create persistent AI agents that turn your company's scattered knowledge into action

Static Scan Results

scanned 3d ago · by rust-scanner

Static analysis flagged 10 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsEvalFilesystemNetworkShell
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 2 file(s), 3.74 MB of source, external domains: api.github.com, calendar.google.com, example.com, github.com, legal-db.example.com, linkedin.com, platform.openai.com, praha13.cz, promptbook.studio, pseudo-agent.promptbook, ptbk.io, s6.ptbk.io, serpapi.com, stackoverflow.com, twitter.com, www.googleapis.com, www.npmjs.com, www.pavolhejny.com

Source & flagged code

4 flagged · loading source
esm/index.es.jsView file
30062name: 'agent-file-import-plugin', L30063: canImport(mimeType) { L30064: // [🧠] Should we have a specific MIME type for agent books?
Medium
Dynamic Require

Package source references dynamic require/import behavior.

esm/index.es.jsView on unpkg · L30062
8676try { L8677: eval(script); // <- TODO: Use `JavascriptExecutionTools.execute` here L8678: }
Low
Eval

Package source references a known benign dynamic code generation pattern.

esm/index.es.jsView on unpkg · L8676
umd/index.umd.jsView file
3typeof define === 'function' && define.amd ? define(['exports', 'path', 'fs/promises', 'colors', 'child_process', 'spacetrim', '@openai/agents', 'url', '@mozilla/readability', 'jsd... L4: (global = typeof globalThis !== 'undefined' ? globalThis : global || self, factory(global["promptbook-node"] = {}, global.path, global.promises, global.colors, global.child_process... L5: })(this, (function (exports, path, promises, colors, child_process, _spaceTrim, agents, url, readability, jsdom, CryptoJS, hexEncoder, showdown, JSZip, waitasecond, dotenv, sha256,...
High
Obfuscated Payload Loader

Source contains an obfuscator-style string-array loader that reconstructs and executes hidden code.

umd/index.umd.jsView on unpkg · L3
package.jsonView file
Runtime dependency names matching Node built-ins: crypto
High
Node Builtin Dependency Squat

Package declares a runtime dependency whose name matches a Node built-in module.

package.jsonView on unpkg

Findings

2 High4 Medium4 Low
HighObfuscated Payload Loaderumd/index.umd.js
HighNode Builtin Dependency Squatpackage.json
MediumDynamic Requireesm/index.es.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowEvalesm/index.es.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings