Static Scan Results
scanned 3h ago · by rust-scanner
Static analysis flagged 9 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshot
Behavioral surface
ChildProcess · EnvironmentVars · Filesystem · Network · UrlStrings
Source & flagged code
3 flagged · index.js
High
L6: const os = require('os');
L7: const { spawn, spawnSync } = require('child_process');
L8: const { createProxy } = require('./proxy');
...
L11:
L12: const INSTALL_CMD = process.platform === 'win32'
L13: ? 'irm https://claude.ai/install.ps1 | iex'
L14: : 'curl -fsSL https://claude.ai/install.sh | bash';
...
L28: console.error(
L29: `Claude Code 未安装或已损坏 (exit code: ${result.status}),请执行: ${INSTALL_CMD}`
L30: );
...
L41: function createLogger() {
L42: const logDir = path.join(os.homedir(), '.config', 'block-cc');
High
Sandbox Evasion Gated Capability
Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
index.js · L6
L6: const os = require('os');
L7: const { spawn, spawnSync } = require('child_process');
L8: const { createProxy } = require('./proxy');
L9:
L10: const USAGE = 'Usage: npx block-cc claude';
L11:
High
Runtime Package Install
Package source invokes a package manager install command at runtime.
index.js · L6
Findings
3 High · 3 Medium · 3 Low
High · Child Process · index.js
High · Sandbox Evasion Gated Capability · index.js
High · Runtime Package Install · index.js
Medium · Network
Medium · Environment Vars
Medium · Structural Risk Force Deep Review
Low · Scripts Present
Low · Filesystem
Low · Url Strings