@remnic/plugin-codex@9.3.664

Remnic memory plugin for Codex CLI — hooks, skills, MCP integration

Static Scan Results

scanned 2d ago · by rust-scanner

Static analysis flagged 9 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source: ChildProcess, EnvironmentVars, Filesystem, Network
Supply chain: HighEntropyStrings
Manifest: No manifest risk signals triggered.
scanned 3 file(s), 61.4 KB of source

Source & flagged code

4 flagged

hooks/bin/remnic-codex-hook.cjs
L28: const http = require("http");
L29: const { execFileSync, spawn, spawnSync } = require("child_process");
L30:
High
Child Process

Package source references child process execution.

hooks/bin/remnic-codex-hook.cjs · L28

L27: const path = require("path");
L28: const http = require("http");
L29: const { execFileSync, spawn, spawnSync } = require("child_process");
L30:
L31: const HOME = process.env.HOME || process.env.USERPROFILE || os.homedir();
L32: const HOST = process.env.REMNIC_HOST || process.env.ENGRAM_HOST || "127.0.0.1";
High
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution; review context before blocking.

hooks/bin/remnic-codex-hook.cjs · L27

L893: } else if (repoRoot) {
L894: const r = spawnSync("npx", ["--yes", "tsx", "scripts/codex-materialize.ts", "--reason", "session_end"], {
L895: cwd: repoRoot,
High
Runtime Package Install

Package source invokes a package manager install command at runtime.

hooks/bin/remnic-codex-hook.cjs · L893

hooks/bin/remnic-codex-hook.ps1
path = hooks/bin/remnic-codex-hook.ps1
kind = build_helper
sizeBytes = 525
magicHex = [redacted]
Medium
Ships Build Helper

Package ships non-JavaScript build or shell helper files.

hooks/bin/remnic-codex-hook.ps1

Findings

3 High, 4 Medium, 2 Low

High · Child Process · hooks/bin/remnic-codex-hook.cjs
High · Same File Env Network Execution · hooks/bin/remnic-codex-hook.cjs
High · Runtime Package Install · hooks/bin/remnic-codex-hook.cjs
Medium · Network
Medium · Environment Vars
Medium · Ships Build Helper · hooks/bin/remnic-codex-hook.ps1
Medium · Structural Risk Force Deep Review
Low · Filesystem
Low · High Entropy Strings