registry  /  agentcalendar  /  0.1.1

agentcalendar@0.1.1

A calendar for your AI coding agents. Local-first: reads Claude Code / Codex session logs, shows them as a week calendar with vendor-confirmed rate-limit windows and resets, queues jobs that fire at the next reset, and exposes everything as a local API (R

Static Scan Results

scanned 7h ago · by rust-scanner

Static analysis flagged 11 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystemNetworkShell
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 15 file(s), 66.0 KB of source, external domains: 127.0.0.1, api.anthropic.com, github.com

Source & flagged code

3 flagged · loading source
bin/agentcal.jsView file
1#!/usr/bin/env node L2: import { spawn } from 'node:child_process' L3: import { loadConfig } from '../src/config.js'
High
Child Process

Package source references child process execution.

bin/agentcal.jsView on unpkg · L1
src/schedules.jsView file
117if (s.action_type === 'command') { L118: execFile('/bin/zsh', ['-lc', s.action_value], { timeout: 15 * 60_000 }, (err, stdout, stderr) => { L119: if (err) finish(s, 'error', `${err.message}\n${stderr}`.trim()) ... L122: } else if (s.action_type === 'webhook') { L123: fetch(s.action_value, { L124: method: 'POST', L125: headers: { 'content-type': 'application/json' }, L126: body: JSON.stringify({ type: 'schedule.trigger', schedule: { id: s.id, name: s.name }, ts: Date.now() }), L127: signal: AbortSignal.timeout(15_000),
High
Command Output Exfiltration

Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.

src/schedules.jsView on unpkg · L117
src/limits.jsView file
2import { join } from 'node:path' L3: import { execFileSync } from 'node:child_process' L4: ... L22: provider: snap.provider, account: snap.account, L23: data: { kind: snap.kind, usedPercent: snap.usedPercent, resetsAt: snap.resetsAt, plan: snap.plan ?? null }, L24: }) ... L59: try { L60: const raw = JSON.parse(readFileSync(join(root, '.credentials.json'), 'utf8')) L61: const t = freshToken(raw.claudeAiOauth) ... L65: // Read-only via the security CLI (one-time "Always Allow"), like ClaudeBar. L66: if (process.platform === 'darwin') { L67: try {
High
Sandbox Evasion Gated Capability

Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.

src/limits.jsView on unpkg · L2

Findings

4 High3 Medium4 Low
HighChild Processbin/agentcal.js
HighShell
HighCommand Output Exfiltrationsrc/schedules.js
HighSandbox Evasion Gated Capabilitysrc/limits.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings