registry  /  block-cc  /  1.0.3

block-cc@1.0.3

Launch Claude Code with telemetry domains blocked

Static Scan Results

scanned 45m ago · by rust-scanner

Static analysis flagged 10 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessEnvironmentVarsFilesystemNetworkShell
Supply chain
UrlStrings
ManifestNo manifest risk signals triggered.
scanned 3 file(s), 10.7 KB of source, external domains: 127.0.0.1, claude.ai

Source & flagged code

3 flagged · loading source
index.jsView file
6const os = require('os'); L7: const { spawn, spawnSync } = require('child_process'); L8: const { createProxy } = require('./proxy');
High
Child Process

Package source references child process execution.

index.jsView on unpkg · L6
6const os = require('os'); L7: const { spawn, spawnSync } = require('child_process'); L8: const { createProxy } = require('./proxy'); ... L12: L13: const INSTALL_CMD = process.platform === 'win32' L14: ? 'irm https://claude.ai/install.ps1 | iex' L15: : 'curl -fsSL https://claude.ai/install.sh | bash'; ... L29: console.error( L30: `Claude Code 未安装或已损坏 (exit code: ${result.status}),请执行: ${INSTALL_CMD}` L31: ); ... L42: function createLogger() { L43: const logDir = path.join(os.homedir(), '.config', 'block-cc');
High
Sandbox Evasion Gated Capability

Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.

index.jsView on unpkg · L6
6const os = require('os'); L7: const { spawn, spawnSync } = require('child_process'); L8: const { createProxy } = require('./proxy'); ... L10: L11: const USAGE = 'Usage: npx block-cc claude'; L12:
High
Runtime Package Install

Package source invokes a package manager install command at runtime.

index.jsView on unpkg · L6

Findings

4 High3 Medium3 Low
HighChild Processindex.js
HighShell
HighSandbox Evasion Gated Capabilityindex.js
HighRuntime Package Installindex.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowUrl Strings