registry  /  anygate  /  0.5.3

anygate@0.5.3

Route any model into any coding agent — launch Claude Code, Codex, and more with multi-provider gateways

Static Scan Results

scanned 2h ago · by rust-scanner

Static analysis flagged 15 finding(s) at 93.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNativeBindingsNetworkShellWebSocket
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 5 file(s), 928 KB of source, external domains: 127.0.0.1, accounts.google.com, aistudio.google.com, antigravity.google, api.anthropic.com, api.cerebras.ai, api.cohere.com, api.deepinfra.com, api.deepseek.com, api.example.com, api.github.com, api.githubcopilot.com, api.groq.com, api.kilo.ai, api.kimi.com, api.mistral.ai, api.moonshot.ai, api.moonshot.cn, api.openai.com, api.perplexity.ai, api.together.xyz, api.venice.ai, api.x.ai, app.kilo.ai, auth.openai.com, auth.x.ai, build.nvidia.com, cdn.simpleicons.org, chatgpt.com, claude.ai, cloud.cerebras.ai, cloudcode-pa.googleapis.com, codeassist.google.com, console.anthropic.com, console.groq.com, console.mistral.ai, console.x.ai, daily-cloudcode-pa.googleapis.com, daily-cloudcode-pa.sandbox.googleapis.com, dashboard.cohere.com, dashscope.aliyuncs.com, dashscope.console.aliyun.com, deepinfra.com, developers.openai.com, generativelanguage.googleapis.com, github.com, integrate.api.nvidia.com, models.dev, my-proxy.example.com, oauth2.googleapis.com
Oversized source lightweight scan
dist/chunk-QPXRFBQI.js2.54 MB file, sampled 256 KB
FilesystemNetworkChildProcessEnvironmentVarsNativeBindingsCryptoShellWebSocketDynamicRequireHighEntropyStringsUrlStrings127.0.0.1accounts.google.comapi.anthropic.comapi.example.comapi.github.comapi.openai.comapi.x.aiauth.openai.comauth.x.aichatgpt.comclaude.aicloudcode-pa.googleapis.comdaily-cloudcode-pa.googleapis.comdaily-cloudcode-pa.sandbox.googleapis.comdevelopers.openai.comgithub.commodels.devoauth2.googleapis.comopencode.aiplatform.claude.comregistry.npmjs.orgrequesty.airouter.requesty.aiwww.googleapis.com

Source & flagged code

7 flagged · loading source
dist/cli.jsView file
290oauthImported: 0, L291: error: "OpenCode CLI not found or failed to start. Install from https://opencode.ai" L292: }; ... L400: import { homedir } from "os"; L401: import { spawnSync } from "child_process"; L402: function detectShellProfile() { L403: const shell = process.env["SHELL"] ?? ""; L404: if (process.platform === "darwin") { L405: if (shell.includes("zsh")) return { display: "~/.zshrc", path: `${homedir()}/.zshrc` }; L406: if (shell.includes("bash")) return { display: "~/.bash_profile", path: `${homedir()}/.bash_profile` }; ... L828: } L829: const searchInput = await p3.text({
High
Sandbox Evasion Gated Capability

Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.

dist/cli.jsView on unpkg · L290
matchType = previous_version_dangerous_delta matchedPackage = anygate@0.5.1 matchedIdentity = npm:YW55Z2F0ZQ:0.5.1 similarity = 0.800 summary = stored previous version shares package body but lacks this dangerous source file
High
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

dist/cli.jsView on unpkg
1159} L1160: async function runProvidersImport() { L1161: const registry = loadRegistry();
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/cli.jsView on unpkg · L1159
290oauthImported: 0, L291: error: "OpenCode CLI not found or failed to start. Install from https://opencode.ai" L292: }; ... L400: import { homedir } from "os"; L401: import { spawnSync } from "child_process"; L402: function detectShellProfile() { L403: const shell = process.env["SHELL"] ?? ""; L404: if (process.platform === "darwin") { L405: if (shell.includes("zsh")) return { display: "~/.zshrc", path: `${homedir()}/.zshrc` }; L406: if (shell.includes("bash")) return { display: "~/.bash_profile", path: `${homedir()}/.bash_profile` }; ... L828: } L829: const searchInput = await p3.text({
Medium
Install Persistence

Source writes installer persistence such as shell profile or service configuration.

dist/cli.jsView on unpkg · L290
290oauthImported: 0, L291: error: "OpenCode CLI not found or failed to start. Install from https://opencode.ai" L292: }; ... L400: import { homedir } from "os"; L401: import { spawnSync } from "child_process"; L402: function detectShellProfile() { L403: const shell = process.env["SHELL"] ?? ""; L404: if (process.platform === "darwin") { L405: if (shell.includes("zsh")) return { display: "~/.zshrc", path: `${homedir()}/.zshrc` }; L406: if (shell.includes("bash")) return { display: "~/.bash_profile", path: `${homedir()}/.bash_profile` }; ... L828: } L829: const searchInput = await p3.text({
Low
Weak Crypto

Package source references weak cryptographic algorithms.

dist/cli.jsView on unpkg · L290
dist/chunk-QPXRFBQI.jsView file
path = dist/chunk-QPXRFBQI.js kind = oversized_source_file sizeBytes = 2667006 magicHex = [redacted]
High
Oversized Source File

Package contains source files above the static scanner size ceiling.

dist/chunk-QPXRFBQI.jsView on unpkg
path = dist/chunk-QPXRFBQI.js kind = oversized_cli_entrypoint sizeBytes = 2667006 magicHex = [redacted]
Medium
Oversized Cli Entrypoint

Package contains an oversized executable-looking CLI entrypoint.

dist/chunk-QPXRFBQI.jsView on unpkg

Findings

3 High6 Medium6 Low
HighSandbox Evasion Gated Capabilitydist/cli.js
HighOversized Source Filedist/chunk-QPXRFBQI.js
HighPrevious Version Dangerous Deltadist/cli.js
MediumDynamic Requiredist/cli.js
MediumNetwork
MediumEnvironment Vars
MediumInstall Persistencedist/cli.js
MediumOversized Cli Entrypointdist/chunk-QPXRFBQI.js
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowWeak Cryptodist/cli.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings