registry  /  @sayknow-cli/coding-agent  /  0.3.7

@sayknow-cli/coding-agent@0.3.7

Sayknow-CLI CLI with read, bash, edit, write tools and session management

Static Scan Results

scanned 3h ago · by rust-scanner

Static analysis flagged 19 finding(s) at 93.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNativeBindingsNetworkShellWebSocket
Supply chain
HighEntropyStringsMinifiedObfuscatedTelemetryUrlStrings
ManifestNo manifest risk signals triggered.
scanned 1,042 file(s), 11.9 MB of source, external domains: 127.0.0.1, addons.mozilla.org, api.anthropic.com, api.coingecko.com, api.crossref.org, api.discogs.com, api.exa.ai, api.example.com, api.github.com, api.kimi.com, api.layofflabs.com, api.minimax.io, api.minimaxi.com, api.npmjs.org, api.nuget.org, api.openai.com, api.opencorporates.com, api.osv.dev, api.parallel.ai, api.perplexity.ai, api.proxy.example, api.rawg.io, api.search.brave.com, api.semanticscholar.org, api.smithery.ai, api.snapcraft.io, api.stackexchange.com, api.synthetic.new, api.tavily.com, api.telegram.org, api.w3.org, api.x.ai, api.z.ai, api.zenmux.example, artifacthub.io, arxiv.org, aside.com, aside.example.invalid, aur.archlinux.org, auth.example.com, auth.kimi.com, auth.x.ai, bedrock-runtime.us-east-1.amazonaws.com, broker.tailnet, bun.sh, cdn.syndication.twimg.com, cdnjs.cloudflare.com, chatgpt.com, cheat.sh, choosealicense.com

Source & flagged code

10 flagged · loading source
src/tools/eval.tsView file
617patternName = generic_password severity = medium line = 617 matchedText = pwd: "...
Medium
Secret Pattern

Package contains a possible secret pattern.

src/tools/eval.tsView on unpkg · L617
scripts/verify-insane-vendor.tsView file
14*/ L15: import { execFileSync } from "node:child_process"; L16: import { existsSync, readdirSync, readFileSync, statSync } from "node:fs";
High
Child Process

Package source references child process execution.

scripts/verify-insane-vendor.tsView on unpkg · L14
src/utils/clipboard.tsView file
68L69: // PowerShell one-liner that emits the clipboard image as base64-encoded PNG on L70: // stdout, or nothing when the clipboard does not hold image data. Used as the
High
Shell

Package source references shell execution.

src/utils/clipboard.tsView on unpkg · L68
vendor/insane-search/engine/templates/playwright_mobile_chrome.jsView file
13L14: const dns = require('dns').promises; L15: const net = require('net');
Medium
Dynamic Require

Package source references dynamic require/import behavior.

vendor/insane-search/engine/templates/playwright_mobile_chrome.jsView on unpkg · L13
src/utils/shell-snapshot.tsView file
4* Creates a snapshot file that captures the user's shell environment from their L5: * .bashrc/.zshrc, which can be sourced before each command to provide a familiar L6: * shell experience. ... L26: function getShellConfigFile(shell: string): string { L27: const home = os.homedir(); L28: if (shell.includes("zsh")) return path.join(home, ".zshrc"); ... L52: typeset -f > /dev/null 2>&1 L53: # Get user function names - filter system/private ones L54: typeset +f 2>/dev/null | grep -vE '^(_|__)' | grep -vE '${commonToolsRegex}' | while read func; do ... L135: // Skip on Windows (no .bashrc in standard location) L136: if (process.platform === "win32") { L137: return null;
Medium
Install Persistence

Source writes installer persistence such as shell profile or service configuration.

src/utils/shell-snapshot.tsView on unpkg · L4
src/internal-urls/docs-index.generated.tsView file
25"fs-scan-cache-architecture.md": "# Filesystem Scan Cache Architecture Contract\n\nThis document defines the current contract for the shared filesystem scan cache implemented in Ru... L26: "geobench.md": "# GEO benchmark for Sayknow-CLI\n\nThis repository includes a [`geobench`](https://github.com/NomaDamas/geobench) product spec for measuring LLM answer visibility: ... L27: "git-daemon.md": "# Git daemon\n\nThe git daemon is the autonomous per-repo service that watches a repository and resolves referenced work items by opening reviewed pull requests.\... ... L31: "hotspot-map-successor.md": "# cpu-hotspot-map.json — successor pointer\n\n[`cpu-hotspot-map.json`](./cpu-hotspot-map.json) is **closed out**. All 11 CPU hotspots (H01–H11) and 5 m... L32: "keybindings.md": "# Keybindings\n\nRun `/hotkeys` inside an `skc` session to see the active chords for your current build. The list reflects any remaps loaded from disk and any bi... L33: "lsp-config.md": "# LSP configuration in SKC\n\nThis guide explains how to configure language servers for the SKC coding agent.\n\nSource of truth in code:\n\n- Server config type:... ... L40: "natives-binding-contract.md": "# Natives Binding Con
High
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution; review context before blocking.

src/internal-urls/docs-index.generated.tsView on unpkg · L25
src/stt/setup.tsView file
3L4: const isWindows = process.platform === "win32"; L5: ... L14: const recorderHint = isWindows L15: ? "PowerShell fallback available. For better quality: install SoX or FFmpeg." L16: : "Install SoX: sudo apt install sox, or FFmpeg: sudo apt install ffmpeg"; ... L18: const pythonCmd = resolvePython(); L19: const pythonHint = "Install Python 3.8+ from https://python.org"; L20: ... L23: const check = Bun.spawnSync([pythonCmd, "-c", "import whisper"], { L24: stdout: "pipe", L25: stderr: "pipe",
High
Sandbox Evasion Gated Capability

Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.

src/stt/setup.tsView on unpkg · L3
vendor/insane-search/engine/phase0.pyView file
path = vendor/insane-search/engine/phase0.py kind = build_helper sizeBytes = 9969 magicHex = [redacted]
Medium
Ships Build Helper

Package ships non-JavaScript build or shell helper files.

vendor/insane-search/engine/phase0.pyView on unpkg
vendor/insane-search/engine/tests/test_u1.pyView file
path = vendor/insane-search/engine/tests/test_u1.py kind = payload_in_excluded_dir sizeBytes = 8679 magicHex = [redacted]
High
Payload In Excluded Dir

Package hides binary, compressed, or executable-looking payloads in test/fixture/hidden paths.

vendor/insane-search/engine/tests/test_u1.pyView on unpkg
src/main.tsView file
matchType = previous_version_dangerous_delta matchedPackage = @sayknow-cli/coding-agent@0.3.6 matchedIdentity = npm:[redacted]:0.3.6 similarity = 0.750 summary = stored previous version shares package body but lacks this dangerous source file
High
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

src/main.tsView on unpkg

Findings

6 High7 Medium6 Low
HighChild Processscripts/verify-insane-vendor.ts
HighShellsrc/utils/clipboard.ts
HighSame File Env Network Executionsrc/internal-urls/docs-index.generated.ts
HighSandbox Evasion Gated Capabilitysrc/stt/setup.ts
HighPayload In Excluded Dirvendor/insane-search/engine/tests/test_u1.py
HighPrevious Version Dangerous Deltasrc/main.ts
MediumSecret Patternsrc/tools/eval.ts
MediumDynamic Requirevendor/insane-search/engine/templates/playwright_mobile_chrome.js
MediumNetwork
MediumEnvironment Vars
MediumInstall Persistencesrc/utils/shell-snapshot.ts
MediumShips Build Helpervendor/insane-search/engine/phase0.py
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowTelemetry
LowUrl Strings