registry  /  @the-open-engine/zeroshot  /  6.6.0

@the-open-engine/zeroshot@6.6.0

Multi-agent orchestration engine for Claude, Codex, and Gemini

Static Scan Results

scanned 3h ago · by rust-scanner

Static analysis flagged 14 finding(s) at 93.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystemNetworkShell
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 226 file(s), 1.82 MB of source, external domains: api.linear.app, cli.github.com, company.atlassian.net, dev.azure.com, docker.com, docs.microsoft.com, github.com, gitlab.com, gitlab.company.com, kiro.dev, linear.app, opencode.ai, openrouter.ai, registry.npmjs.org, yourcompany.atlassian.net

Source & flagged code

6 flagged · loading source
package.jsonView file
scripts.postinstall = node scripts/fix-node-pty-permissions.js && node scripts/check-path.js
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.postinstall = node scripts/fix-node-pty-permissions.js && node scripts/check-path.js
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg
src/logic-engine.jsView file
8* - Helper functions for common patterns L9: * - Sandbox security (no fs, network, child_process) L10: */ ... L139: * Build sandbox context with APIs and helpers L140: * @private L141: */
Medium
Unsafe Vm Context

Package source executes code through a VM context API.

src/logic-engine.jsView on unpkg · L8
cli/index.jsView file
121} else { L122: process.stdout.write(text); L123: } ... L178: // Package root directory (for resolving default config paths) L179: const PACKAGE_ROOT = path.resolve(__dirname, '..'); L180: ... L226: requireGit: options.worktree, L227: quiet: process.env.ZEROSHOT_DAEMON === '1', L228: provider: providerOverride, ... L294: async function spawnDetachedCluster(options, clusterId, stdinText) { L295: const { spawn } = require('child_process'); L296: const logFd = createDaemonLogFile(clusterId);
Medium
Install Persistence

Source writes installer persistence such as shell profile or service configuration.

cli/index.jsView on unpkg · L121
cluster-hooks/block-dangerous-git.pyView file
path = cluster-hooks/block-dangerous-git.py kind = build_helper sizeBytes = 4915 magicHex = [redacted]
Medium
Ships Build Helper

Package ships non-JavaScript build or shell helper files.

cluster-hooks/block-dangerous-git.pyView on unpkg
scripts/release-preflight.jsView file
matchType = previous_version_dangerous_delta matchedPackage = @the-open-engine/zeroshot@6.5.0 matchedIdentity = npm:[redacted]:6.5.0 similarity = 0.983 summary = stored previous version shares package body but lacks this dangerous source file
High
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

scripts/release-preflight.jsView on unpkg

Findings

2 High7 Medium5 Low
HighInstall Time Lifecycle Scriptspackage.json
HighPrevious Version Dangerous Deltascripts/release-preflight.js
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumUnsafe Vm Contextsrc/logic-engine.js
MediumNetwork
MediumEnvironment Vars
MediumInstall Persistencecli/index.js
MediumShips Build Helpercluster-hooks/block-dangerous-git.py
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings