Static Scan Results
scanned 2h ago · by rust-scannerStatic analysis flagged 10 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessEnvironmentVarsFilesystemNetworkShell
UrlStrings
Source & flagged code
3 flagged · loading sourceindex.jsView file
6const os = require('os');
L7: const { spawn, spawnSync } = require('child_process');
L8: const { createProxy } = require('./proxy');
High
6const os = require('os');
L7: const { spawn, spawnSync } = require('child_process');
L8: const { createProxy } = require('./proxy');
...
L12:
L13: const INSTALL_CMD = process.platform === 'win32'
L14: ? 'irm https://claude.ai/install.ps1 | iex'
L15: : 'curl -fsSL https://claude.ai/install.sh | bash';
...
L29: console.error(
L30: `Claude Code 未安装或已损坏 (exit code: ${result.status}),请执行: ${INSTALL_CMD}`
L31: );
...
L42: function createLogger() {
L43: const logDir = path.join(os.homedir(), '.config', 'block-cc');
High
Sandbox Evasion Gated Capability
Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
index.jsView on unpkg · L66const os = require('os');
L7: const { spawn, spawnSync } = require('child_process');
L8: const { createProxy } = require('./proxy');
...
L10:
L11: const USAGE = 'Usage: npx block-cc claude';
L12:
High
Runtime Package Install
Package source invokes a package manager install command at runtime.
index.jsView on unpkg · L6Findings
4 High3 Medium3 Low
HighChild Processindex.js
HighShell
HighSandbox Evasion Gated Capabilityindex.js
HighRuntime Package Installindex.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowUrl Strings