registry  /  @shieldly/cli  /  1.3.0

@shieldly/cli@1.3.0

AI-Powered Security Analysis for AWS — official CLI

Static Scan Results

scanned 3h ago · by rust-scanner

Static analysis flagged 12 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystemNetwork
Supply chain
HighEntropyStringsMinifiedObfuscatedProtestwareUrlStrings
ManifestNo manifest risk signals triggered.
scanned 1 file(s), 721 KB of source, external domains: 169.254.169.254, 169.254.170.2, a.co, api.shieldly.io, aws.amazon.com, cognito-identity-fips.us-east-1.amazonaws.com, cognito-identity-fips.us-east-2.amazonaws.com, cognito-identity-fips.us-west-1.amazonaws.com, cognito-identity-fips.us-west-2.amazonaws.com, cognito-identity.amazonaws.com, docs.aws.amazon.com, github.com, iam-fips.global.api.aws, iam-fips.us-iso-east-1.c2s.ic.gov, iam-fips.us-isob-east-1.sc2s.sgov.gov, iam.amazonaws.com, iam.cn-north-1.amazonaws.com.cn, iam.eu-isoe-west-1.cloud.adc-e.uk, iam.eusc-de-east-1.amazonaws.eu, iam.global.api.amazonwebservices.com.cn, iam.global.api.aws, iam.us-gov.amazonaws.com, iam.us-gov.api.aws, iam.us-iso-east-1.c2s.ic.gov, iam.us-isob-east-1.sc2s.sgov.gov, iam.us-isof-south-1.csp.hci.ic.gov, portal.sso, portal.sso-fips, raw.githubusercontent.com, react-native.canny.io, sts.amazonaws.com, www.shieldly.io

Source & flagged code

2 flagged · loading source
dist/cli.cjsView file
1#!/usr/bin/env node L2: var WX=Object.create;var Cf=Object.defineProperty;var YX=Object.getOwnPropertyDescriptor;var JX=Object.getOwnPropertyNames;var QX=Object.getPrototypeOf,XX=Object.prototype.hasOwnPr... L3: versions published after the first week of January 2027 ... L8: L9: More information can be found at: https://a.co/c895JFp`))}}});var vZ,wZ,gI,yI=g(()=>{vZ=()=>(e,t)=>async r=>(t.__retryLongPoll=!0,e(r)),wZ={name:"longPollMiddleware",tags:["RETRY"]... L10: `+f}catch{!r.logger||r.logger?.constructor?.name==="NoOpLogger"?console.warn(f):r.logger?.warn?.(f)}typeof d.$responseBodyText<"u"&&d.$response&&(d.$response.body=d.$responseBodyTe... L11: `).slice(0,5).filter(t=>!t.includes("stackTraceWarning")).join(` L12: `),Qi={warn:console.warn}});function Es(e){let t=e.getUTCFullYear(),r=e.getUTCMonth(),s=e.getUTCDay(),n=e.getUTCDate(),o=e.getUTCHours(),i=e.getUTCMinutes(),a=e.getUTCSeconds(),c=n... L13: `+a}catch{!s.logger||s.logger?.constructor?.name==="NoOpLogger"?console.warn(a):s.logger?.warn?.(a)}typeof i.$responseBodyText<"u"&&i.$response&&(i.$response.body=i.$responseBodyTe... L14: `),a){let h=r(await c);p.enqueue(`${o}:${h}\r ... L43: Set AWS_CONTAINER_CREDENTIALS_FULL
High
Cloud Metadata Access

Source reaches cloud instance metadata or link-local credential endpoints.

dist/cli.cjsView on unpkg · L1
1#!/usr/bin/env node L2: var WX=Object.create;var Cf=Object.defineProperty;var YX=Object.getOwnPropertyDescriptor;var JX=Object.getOwnPropertyNames;var QX=Object.getPrototypeOf,XX=Object.prototype.hasOwnPr... L3: versions published after the first week of January 2027 ... L8: L9: More information can be found at: https://a.co/c895JFp`))}}});var vZ,wZ,gI,yI=g(()=>{vZ=()=>(e,t)=>async r=>(t.__retryLongPoll=!0,e(r)),wZ={name:"longPollMiddleware",tags:["RETRY"]... L10: `+f}catch{!r.logger||r.logger?.constructor?.name==="NoOpLogger"?console.warn(f):r.logger?.warn?.(f)}typeof d.$responseBodyText<"u"&&d.$response&&(d.$response.body=d.$responseBodyTe... L11: `).slice(0,5).filter(t=>!t.includes("stackTraceWarning")).join(` L12: `),Qi={warn:console.warn}});function Es(e){let t=e.getUTCFullYear(),r=e.getUTCMonth(),s=e.getUTCDay(),n=e.getUTCDate(),o=e.getUTCHours(),i=e.getUTCMinutes(),a=e.getUTCSeconds(),c=n... L13: `+a}catch{!s.logger||s.logger?.constructor?.name==="NoOpLogger"?console.warn(a):s.logger?.warn?.(a)}typeof i.$responseBodyText<"u"&&i.$response&&(i.$response.body=i.$responseBodyTe... L14: `),a){let h=r(await c);p.enqueue(`${o}:${h}\r ... L43: Set AWS_CONTAINER_CREDENTIALS_FULL
Medium
Install Persistence

Source writes installer persistence such as shell profile or service configuration.

dist/cli.cjsView on unpkg · L1

Findings

1 High5 Medium6 Low
HighCloud Metadata Accessdist/cli.cjs
MediumNetwork
MediumEnvironment Vars
MediumInstall Persistencedist/cli.cjs
MediumProtestware
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings