registry  /  chaite  /  1.10.3

chaite@1.10.3

⚠ Under review

core for chatgpt-plugin and karin-plugin-chatgpt

Static Scan Results

scanned 7d ago · by rust-scanner

Static analysis flagged 19 finding(s) at 86.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
High-risk behavior combination matched malicious policy.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsEvalFilesystemNetworkShell
Supply chain
HighEntropyStringsMinifiedObfuscatedTelemetryUrlStrings
ManifestNo manifest risk signals triggered.
scanned 112 file(s), 6.86 MB of source, external domains: 169.254.169.254, accounts.google.com, aiplatform.googleapis.com, alova.js.org, api.anthropic.com, api.github.com, api.iconify.design, api.openai.com, api.simplesvg.com, api.unisvg.com, cloud.google.com, cloudresourcemanager.googleapis.com, developer.mozilla.org, docs.anthropic.com, docs.expo.dev, dom.spec.whatwg.org, dub.sh, fetch.spec.whatwg.org, generativelanguage.googleapis.com, git.io, github.com, github.githubassets.com, goo.gl, help.openai.com, html.spec.whatwg.org, jimmy.warting.se, metadata.google.internal, oauth2.googleapis.com, purl.oclc.org, schemas.microsoft.com, schemas.openxmlformats.org, schemas.zwobble.org, stackoverflow.com, stuk.github.io, vuejs.org, w3c.github.io, www.chaite.cloud, www.google.com, www.googleapis.com, www.gstatic.com, www.naiveui.com, www.saxproject.org, www.w3.org

Source & flagged code

8 flagged · loading source
frontend/build/assets/index-Djbx1yS_.jsView file
3082L3083: For detailed: https://alova.js.org/error#${n}`:"")),this.name=`[alova${t?`/${t}`:""}]`}}const O7=(e="")=>(t,o,n)=>{if(!t)throw Ao(A7,e,o,n)},O_=()=>{const e={};return{eventMap:e,on... L3084: https://github.com/highlightjs/highlight.js/issues/2277`),fo=Ie,Vt=et),mt===void 0&&(mt=!0);const fn={code:Vt,language:fo};_l("before:highlight",fn);const Jn=fn.result?fn.result:te...
High
Child Process

Package source references child process execution.

frontend/build/assets/index-Djbx1yS_.jsView on unpkg · L3082
dist/chunks/lop/index.mjs-xC-C6mBW.mjsView file
1076try { L1077: render = new Function(argument, "_", source); L1078: } catch (e) {
High
Eval

Package source references dynamic code evaluation.

dist/chunks/lop/index.mjs-xC-C6mBW.mjsView on unpkg · L1076
dist/index.mjsView file
12import "./chunks/dingbat-to-unicode/index.mjs-CmXwn9F0.mjs"; L13: import { t as axios_default } from "./chunks/axios/index.mjs-Db5TE_ZU.mjs"; L14: import "./chunks/accepts/index.mjs-BJUfpJWg.mjs"; ... L29: import { t as require_lib$1 } from "./chunks/cors/index.mjs-B78uaBCh.mjs"; L30: import { t as __dirname } from "./__dirname-b5-uSQ40.mjs"; L31: import { t as McpToolExecutor } from "./mcp-DnSId7pp.mjs"; ... L39: import * as crypto from "node:crypto"; L40: import { spawn } from "node:child_process"; L41: ... L69: fromString(str) { L70: return JSON.parse(str); L71: }
Critical
Credential Exfiltration

Source appears to send environment or credential material to an external endpoint.

dist/index.mjsView on unpkg · L12
12Trigger-reachable chain: manifest.main -> dist/index.mjs L12: import "./chunks/dingbat-to-unicode/index.mjs-CmXwn9F0.mjs"; L13: import { t as axios_default } from "./chunks/axios/index.mjs-Db5TE_ZU.mjs"; L14: import "./chunks/accepts/index.mjs-BJUfpJWg.mjs"; ... L29: import { t as require_lib$1 } from "./chunks/cors/index.mjs-B78uaBCh.mjs"; L30: import { t as __dirname } from "./__dirname-b5-uSQ40.mjs"; L31: import { t as McpToolExecutor } from "./mcp-DnSId7pp.mjs"; ... L39: import * as crypto from "node:crypto"; L40: import { spawn } from "node:child_process"; L41: ... L69: fromString(str) { L70: return JSON.parse(str); L71: }
Critical
Trigger Reachable Dangerous Capability

A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.

dist/index.mjsView on unpkg · L12
12Cross-file remote execution chain: dist/index.mjs spawns dist/chunks/@anthropic-ai/sdk/index.mjs-BTPQOmBH.mjs; helper contains network access plus dynamic code execution. L12: import "./chunks/dingbat-to-unicode/index.mjs-CmXwn9F0.mjs"; L13: import { t as axios_default } from "./chunks/axios/index.mjs-Db5TE_ZU.mjs"; L14: import "./chunks/accepts/index.mjs-BJUfpJWg.mjs"; ... L29: import { t as require_lib$1 } from "./chunks/cors/index.mjs-B78uaBCh.mjs"; L30: import { t as __dirname } from "./__dirname-b5-uSQ40.mjs"; L31: import { t as McpToolExecutor } from "./mcp-DnSId7pp.mjs"; ... L39: import * as crypto from "node:crypto"; L40: import { spawn } from "node:child_process"; L41: ... L69: fromString(str) { L70: return JSON.parse(str); L71: }
High
Cross File Remote Execution Context

Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.

dist/index.mjsView on unpkg · L12
661try { L662: const module = await import(`${`file://${path.resolve(filePath)}`}?update=${Date.now()}`); L663: if (!("default" in module)) return null;
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/index.mjsView on unpkg · L661
dist/chunks/cookie-signature/index.mjs-BxKngpc_.mjsView file
14* @return {String} L15: * @api private L16: */ ... L19: if ("string" != typeof secret) throw new TypeError("Secret string must be provided."); L20: return val + "." + crypto.createHmac("sha256", secret).update(val).digest("base64").replace(/\=+$/, ""); L21: };
Low
Weak Crypto

Package source references weak cryptographic algorithms.

dist/chunks/cookie-signature/index.mjs-BxKngpc_.mjsView on unpkg · L14
dist/chunks/@google/genai/index.mjs-CHHji2VX.mjsView file
8L9: //#region node_modules/.pnpm/base64-js@1.5.1/node_modules/base64-js/index.js L10: var require_base64_js = /* @__PURE__ */ __commonJS({ "node_modules/.pnpm/base64-js@1.5.1/node_modules/base64-js/index.js": ((exports) => { ... L99: var require_safe_buffer = /* @__PURE__ */ __commonJS({ "node_modules/.pnpm/safe-buffer@5.2.1/node_modules/safe-buffer/index.js": ((exports, module) => { L100: /*! safe-buffer. MIT License. Feross Aboukhadijeh <https://feross.org/opensource> */ L101: var buffer = __require("buffer"); ... L350: //#endregion L351: //#region node_modules/.pnpm/gaxios@7.1.3/node_modules/gaxios/package.json L352: var require_package$1 = /* @__PURE__ */ __commonJS({ "node_modules/.pnpm/gaxios@7.1.3/node_modules/gaxios/package.json": ((exports, module) => { ... L639: if (!obj || typeof obj !== "object") return; L640: else if (obj instanceof FormData || obj instanceof URLSearchParams || "forEach" in obj && "set" in obj) obj.forEach((_, key) => { L641: if (["grant_type", "assertion"].includes(key) || /secret/.test(key)) obj.set(key, REDACT);
High
Cloud Metadata Access

Source reaches cloud instance metadata or link-local credential endpoints.

dist/chunks/@google/genai/index.mjs-CHHji2VX.mjsView on unpkg · L8

Findings

2 Critical5 High4 Medium8 Low
CriticalCredential Exfiltrationdist/index.mjs
CriticalTrigger Reachable Dangerous Capabilitydist/index.mjs
HighChild Processfrontend/build/assets/index-Djbx1yS_.js
HighShell
HighEvaldist/chunks/lop/index.mjs-xC-C6mBW.mjs
HighCloud Metadata Accessdist/chunks/@google/genai/index.mjs-CHHji2VX.mjs
HighCross File Remote Execution Contextdist/index.mjs
MediumDynamic Requiredist/index.mjs
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowWeak Cryptodist/chunks/cookie-signature/index.mjs-BxKngpc_.mjs
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowTelemetry
LowUrl Strings