registry  /  @whalent/agent  /  0.3.223

@whalent/agent@0.3.223

⚠ Under review

Stable wrapper for Whalent Agent core runtime

Static Scan Results

scanned 1d ago · by rust-scanner

Static analysis flagged 16 finding(s) at 93.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source

Decision evidence

public snapshot
Behavioral surface
Source
DynamicRequireEnvironmentVarsFilesystem
Supply chain
HighEntropyStringsMinifiedObfuscatedUrlStrings
Manifest
NoLicense
scanned 2 file(s), 303 KB of source, external domains: memory.whale, registry.npm, registry.npmjs.org
Oversized source lightweight scan
dist/core.cjs4.52 MB file, sampled 256 KB
EnvironmentVarsDynamicRequireObfuscatedHighEntropyStringsMinifiedUrlStringsmemory.whale

Source & flagged code

7 flagged · loading source
package.jsonView file
scripts.preinstall = node scripts/preinstall-check.cjs
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
dist/index.cjsView file
matchType = previous_version_dangerous_delta matchedPackage = @whalent/agent@0.3.201 matchedIdentity = npm:QHdoYWxlbnQvYWdlbnQ:0.3.201 similarity = 0.500 summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

dist/index.cjsView on unpkg
1#!/usr/bin/env node L2: 'use strict';const a0_0x2cd285=a0_0x52cf;(function(_0x11ac26,_0x4d070c){const _0x3e4d6d=a0_0x52cf,_0x1242be=_0x11ac26();while(!![]){try{const _0x484362=-parseInt(_0x3e4d6d(0x1dc))/...
High
Obfuscated Payload Loader

Source contains an obfuscator-style string-array loader that reconstructs and executes hidden code.

dist/index.cjsView on unpkg · L1
1#!/usr/bin/env node L2: 'use strict';const a0_0x2cd285=a0_0x52cf;(function(_0x11ac26,_0x4d070c){const _0x3e4d6d=a0_0x52cf,_0x1242be=_0x11ac26();while(!![]){try{const _0x484362=-parseInt(_0x3e4d6d(0x1dc))/...
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/index.cjsView on unpkg · L1
dist/index.cjs#virtual:normalized:round1View file
1#!/usr/bin/env node L2: 'use strict';const a0_0x2cd285=a0_0x52cf;(function(_0x11ac26,_0x4d070c){const _0x3e4d6d=a0_0x52cf,_0x1242be=_0x11ac26();while(!![]){try{const _0x484362=-parseInt(_0x3e4d6d(0x1dc))/...
High
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution; review context before blocking.

dist/index.cjs#virtual:normalized:round1View on unpkg · L1
dist/core.cjsView file
path = dist/core.cjs kind = oversized_source_file sizeBytes = 4743282 magicHex = [redacted]
High
Oversized Source File

Package contains source files above the static scanner size ceiling.

dist/core.cjsView on unpkg
path = dist/core.cjs kind = oversized_cli_entrypoint sizeBytes = 4743282 magicHex = [redacted]
Medium
Oversized Cli Entrypoint

Package contains an oversized executable-looking CLI entrypoint.

dist/core.cjsView on unpkg

Findings

1 Critical5 High4 Medium6 Low
CriticalPrevious Version Dangerous Deltadist/index.cjs
HighInstall Time Lifecycle Scriptspackage.json
HighSame File Env Network Executiondist/index.cjs#virtual:normalized:round1
HighObfuscated Payload Loaderdist/index.cjs
HighObfuscated
HighOversized Source Filedist/core.cjs
MediumDynamic Requiredist/index.cjs
MediumEnvironment Vars
MediumOversized Cli Entrypointdist/core.cjs
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNo License