registry  /  claude-mem  /  13.10.3

claude-mem@13.10.3

⚠ Under review

Memory compression system for Claude Code - persist context across sessions

Static Scan Results

scanned 1h ago · by rust-scanner

Static analysis flagged 27 finding(s) at 86.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
High-risk behavior combination matched malicious policy.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsEvalFilesystemNativeBindingsNetworkShell
Supply chain
HighEntropyStringsMinifiedObfuscatedProtestwareTelemetryUrlStrings
ManifestNo manifest risk signals triggered.
scanned 21 file(s), 5.58 MB of source, external domains: 127.0.0.1, api.anthropic.com, api.telegram.org, astral.sh, bun.sh, claude.ai, cmem.ai, docs.claude-mem.ai, generativelanguage.googleapis.com, git.new, github.com, json-schema.org, opencode.ai, openrouter.ai, raw.githubusercontent.com, react.dev, us.i.posthog.com, www.w3.org, yoursite.com
Oversized source lightweight scan
plugin/scripts/worker-service.cjs2.32 MB file, sampled 256 KB
FilesystemNetworkChildProcessEnvironmentVarsEvalHighEntropyStringsMinifiedUrlStringsgithub.comopenrouter.airaw.githubusercontent.com

Source & flagged code

16 flagged · loading source
dist/index.jsView file
1702import { StdioClientTransport } from "@[redacted].js"; L1703: import { execFile as execFile2, execSync, spawn as spawn2 } from "child_process"; L1704: import { promisify as promisify2 } from "util";
High
Child Process

Package source references child process execution.

dist/index.jsView on unpkg · L1702
2065// Give files time to sync before restart L2066: POWERSHELL_COMMAND: 1e4, L2067: // PowerShell process enumeration (10s - typically completes in <1s)
High
Shell

Package source references shell execution.

dist/index.jsView on unpkg · L2065
2818try { L2819: const treeKillModule = await import(moduleName); L2820: return treeKillModule.default ?? treeKillModule;
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/index.jsView on unpkg · L2818
dist/npx-cli/index.jsView file
89${a} L90: `}}}}).prompt()});import{join as dt,dirname as OW,basename as AW}from"path";import{homedir as cA}from"os";import{existsSync as KW,mkdirSync as uye,readFileSync as RW}from"fs";impor... L91: ${e.stack}`:e.message;if(Array.isArray(e))return`[${e.length} items]`;let r=Object.keys(e);return r.length===0?"{}":r.length<=3?JSON.stringify(e):`{${r.length} keys: ${r.slice(0,3)... ... L98: `)}debug(e,r,i,n){this.log(0,e,r,i,n)}info(e,r,i,n){this.log(1,e,r,i,n)}warn(e,r,i,n){this.log(2,e,r,i,n)}setErrorSink(e){_b=e}error(e,r,i,n){this.log(3,e,r,i,n),this.routeErrorToS... L99: `)}function Ad(){let t=Ci();if(t?.installId)return t.installId;let e=zW();return Ns({installId:e,decidedAt:""}),e}var pA,Kd=E(()=>{"use strict";nt();_o();$e();pA="telemetry.json"})... L100: `);return}let n=bA(),o=new AbortController,s=setTimeout(()=>o.abort(),QW);try{await e3(n,t,i,o.signal)}finally{clearTimeout(s)}}catch{}}async function e3(t,e,r,i){await fetch(`${vA... L101: `)+`
Critical
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution with blocking evidence.

dist/npx-cli/index.jsView on unpkg · L89
1#!/usr/bin/env node L2: var bB=Object.create;var md=Object.defineProperty;var vB=Object.getOwnPropertyDescriptor;var SB=Object.getOwnPropertyNames;var EB=Object.getPrototypeOf,wB=Object.prototype.hasOwnPr... L3: `);let d=OB(t);r=LB(sb(t),d)}}catch(c){let u=c.code;if(u!=="ENOENT"&&u!=="ENOTDIR")throw c}Ks(sb(r));let i=sb(r),n=MB(r),o=NB(i,`.${n}.${process.pid}.${PB(6).toString("hex")}.tmp`)... L4: `,"utf-8"),a;try{a=RB(r).mode&511}catch{}let l;try{l=a!==void 0?ob(o,"w",a):ob(o,"w");let c=0;for(;c<s.length;){let u=jB(l,s,c,s.length-c);if(u===0)throw new Error(`writeSync stall... L5: `)}finally{if(u!==void 0)try{ib(u)}catch{}}}}catch(c){if(l!==void 0)try{ib(l)}catch{}try{DB(o)}catch{}throw c}}var UB,kn=E(()=>{"use strict";hd();UB=process.platform==="win32"});im... L6: `)}var bd,VO,eW,db,BO,tW,WO,pb,FO,qO,zO,GO,ub,rW,nW,iW,fb=E(()=>{cb();bd="\x1B",VO="\x9B",eW=39,db="\x07",BO="[",tW="]",WO="m",pb=`${tW}8;;`,FO=new RegExp(`(?:\\${BO}(?<code>\\d+)m... ... L10: `),i=e.split(` L11: `),n=Math.max(r.length,i.length),o=[];for(let s=0;s<n;s++)r[s]!==i[s]&&o.push(s);return{lines:o,numLinesBefore:r.length,numLinesAfter:i.length,numLines:n}}function Ve(t){return t==... L12: `).map((a,l,c)=>{l
Critical
Credential Exfiltration

Source appears to send environment or credential material to an external endpoint.

dist/npx-cli/index.jsView on unpkg · L1
1Trigger-reachable chain: manifest.bin -> dist/npx-cli/index.js L1: #!/usr/bin/env node L2: var bB=Object.create;var md=Object.defineProperty;var vB=Object.getOwnPropertyDescriptor;var SB=Object.getOwnPropertyNames;var EB=Object.getPrototypeOf,wB=Object.prototype.hasOwnPr... L3: `);let d=OB(t);r=LB(sb(t),d)}}catch(c){let u=c.code;if(u!=="ENOENT"&&u!=="ENOTDIR")throw c}Ks(sb(r));let i=sb(r),n=MB(r),o=NB(i,`.${n}.${process.pid}.${PB(6).toString("hex")}.tmp`)... L4: `,"utf-8"),a;try{a=RB(r).mode&511}catch{}let l;try{l=a!==void 0?ob(o,"w",a):ob(o,"w");let c=0;for(;c<s.length;){let u=jB(l,s,c,s.length-c);if(u===0)throw new Error(`writeSync stall... L5: `)}finally{if(u!==void 0)try{ib(u)}catch{}}}}catch(c){if(l!==void 0)try{ib(l)}catch{}try{DB(o)}catch{}throw c}}var UB,kn=E(()=>{"use strict";hd();UB=process.platform==="win32"});im... L6: `)}var bd,VO,eW,db,BO,tW,WO,pb,FO,qO,zO,GO,ub,rW,nW,iW,fb=E(()=>{cb();bd="\x1B",VO="\x9B",eW=39,db="\x07",BO="[",tW="]",WO="m",pb=`${tW}8;;`,FO=new RegExp(`(?:\\${BO}(?<code>\\d+)m... ... L10: `),i=e.split(` L11: `),n=Math.max(r.length,i.length),o=[];for(let s=0;s<n;s++)r[s]!==i[s]&&o.push(s);return{lines:o,numLinesBefore:r.length,numLinesAfter:i.length,…
Critical
Trigger Reachable Dangerous Capability

A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.

dist/npx-cli/index.jsView on unpkg · L1
1125`),c&&(f+="Error resolving package: "+c.message+` L1126: `),new Error(f);function p(y){var w=O0(fn.join(y,"prebuilds")).map(VL),_=w.filter(BL(Jf,Uf)).sort(WL)[0];if(_)return m(fn.join(y,"prebuilds",_.name))}function m(y){var w=O0(y).map(... L1127: $`+Buffer.byteLength(this.name)+`\r
High
Eval

Package source references dynamic code evaluation.

dist/npx-cli/index.jsView on unpkg · L1125
89${a} L90: `}}}}).prompt()});import{join as dt,dirname as OW,basename as AW}from"path";import{homedir as cA}from"os";import{existsSync as KW,mkdirSync as uye,readFileSync as RW}from"fs";impor... L91: ${e.stack}`:e.message;if(Array.isArray(e))return`[${e.length} items]`;let r=Object.keys(e);return r.length===0?"{}":r.length<=3?JSON.stringify(e):`{${r.length} keys: ${r.slice(0,3)... ... L98: `)}debug(e,r,i,n){this.log(0,e,r,i,n)}info(e,r,i,n){this.log(1,e,r,i,n)}warn(e,r,i,n){this.log(2,e,r,i,n)}setErrorSink(e){_b=e}error(e,r,i,n){this.log(3,e,r,i,n),this.routeErrorToS... L99: `)}function Ad(){let t=Ci();if(t?.installId)return t.installId;let e=zW();return Ns({installId:e,decidedAt:""}),e}var pA,Kd=E(()=>{"use strict";nt();_o();$e();pA="telemetry.json"})... L100: `);return}let n=bA(),o=new AbortController,s=setTimeout(()=>o.abort(),QW);try{await e3(n,t,i,o.signal)}finally{clearTimeout(s)}}catch{}}async function e3(t,e,r,i){await fetch(`${vA... L101: `)+`
High
Command Output Exfiltration

Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.

dist/npx-cli/index.jsView on unpkg · L89
1#!/usr/bin/env node L2: var bB=Object.create;var md=Object.defineProperty;var vB=Object.getOwnPropertyDescriptor;var SB=Object.getOwnPropertyNames;var EB=Object.getPrototypeOf,wB=Object.prototype.hasOwnPr... L3: `);let d=OB(t);r=LB(sb(t),d)}}catch(c){let u=c.code;if(u!=="ENOENT"&&u!=="ENOTDIR")throw c}Ks(sb(r));let i=sb(r),n=MB(r),o=NB(i,`.${n}.${process.pid}.${PB(6).toString("hex")}.tmp`)... L4: `,"utf-8"),a;try{a=RB(r).mode&511}catch{}let l;try{l=a!==void 0?ob(o,"w",a):ob(o,"w");let c=0;for(;c<s.length;){let u=jB(l,s,c,s.length-c);if(u===0)throw new Error(`writeSync stall... L5: `)}finally{if(u!==void 0)try{ib(u)}catch{}}}}catch(c){if(l!==void 0)try{ib(l)}catch{}try{DB(o)}catch{}throw c}}var UB,kn=E(()=>{"use strict";hd();UB=process.platform==="win32"});im... L6: `)}var bd,VO,eW,db,BO,tW,WO,pb,FO,qO,zO,GO,ub,rW,nW,iW,fb=E(()=>{cb();bd="\x1B",VO="\x9B",eW=39,db="\x07",BO="[",tW="]",WO="m",pb=`${tW}8;;`,FO=new RegExp(`(?:\\${BO}(?<code>\\d+)m... ... L10: `),i=e.split(` L11: `),n=Math.max(r.length,i.length),o=[];for(let s=0;s<n;s++)r[s]!==i[s]&&o.push(s);return{lines:o,numLinesBefore:r.length,numLinesAfter:i.length,numLines:n}}function Ve(t){return t==... L12: `).map((a,l,c)=>{l
High
Sandbox Evasion Gated Capability

Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.

dist/npx-cli/index.jsView on unpkg · L1
1#!/usr/bin/env node L2: var bB=Object.create;var md=Object.defineProperty;var vB=Object.getOwnPropertyDescriptor;var SB=Object.getOwnPropertyNames;var EB=Object.getPrototypeOf,wB=Object.prototype.hasOwnPr... L3: `);let d=OB(t);r=LB(sb(t),d)}}catch(c){let u=c.code;if(u!=="ENOENT"&&u!=="ENOTDIR")throw c}Ks(sb(r));let i=sb(r),n=MB(r),o=NB(i,`.${n}.${process.pid}.${PB(6).toString("hex")}.tmp`)... L4: `,"utf-8"),a;try{a=RB(r).mode&511}catch{}let l;try{l=a!==void 0?ob(o,"w",a):ob(o,"w");let c=0;for(;c<s.length;){let u=jB(l,s,c,s.length-c);if(u===0)throw new Error(`writeSync stall... L5: `)}finally{if(u!==void 0)try{ib(u)}catch{}}}}catch(c){if(l!==void 0)try{ib(l)}catch{}try{DB(o)}catch{}throw c}}var UB,kn=E(()=>{"use strict";hd();UB=process.platform==="win32"});im... L6: `)}var bd,VO,eW,db,BO,tW,WO,pb,FO,qO,zO,GO,ub,rW,nW,iW,fb=E(()=>{cb();bd="\x1B",VO="\x9B",eW=39,db="\x07",BO="[",tW="]",WO="m",pb=`${tW}8;;`,FO=new RegExp(`(?:\\${BO}(?<code>\\d+)m... ... L10: `),i=e.split(` L11: `),n=Math.max(r.length,i.length),o=[];for(let s=0;s<n;s++)r[s]!==i[s]&&o.push(s);return{lines:o,numLinesBefore:r.length,numLinesAfter:i.length,numLines:n}}function Ve(t){return t==... L12: `).map((a,l,c)=>{l
High
Obfuscated Payload Loader

Source contains an obfuscator-style string-array loader that reconstructs and executes hidden code.

dist/npx-cli/index.jsView on unpkg · L1
1Cross-file remote execution chain: dist/npx-cli/index.js spawns openclaw/dist/index.js; helper contains network access plus dynamic code execution. L1: #!/usr/bin/env node L2: var bB=Object.create;var md=Object.defineProperty;var vB=Object.getOwnPropertyDescriptor;var SB=Object.getOwnPropertyNames;var EB=Object.getPrototypeOf,wB=Object.prototype.hasOwnPr... L3: `);let d=OB(t);r=LB(sb(t),d)}}catch(c){let u=c.code;if(u!=="ENOENT"&&u!=="ENOTDIR")throw c}Ks(sb(r));let i=sb(r),n=MB(r),o=NB(i,`.${n}.${process.pid}.${PB(6).toString("hex")}.tmp`)... L4: `,"utf-8"),a;try{a=RB(r).mode&511}catch{}let l;try{l=a!==void 0?ob(o,"w",a):ob(o,"w");let c=0;for(;c<s.length;){let u=jB(l,s,c,s.length-c);if(u===0)throw new Error(`writeSync stall... L5: `)}finally{if(u!==void 0)try{ib(u)}catch{}}}}catch(c){if(l!==void 0)try{ib(l)}catch{}try{DB(o)}catch{}throw c}}var UB,kn=E(()=>{"use strict";hd();UB=process.platform==="win32"});im... L6: `)}var bd,VO,eW,db,BO,tW,WO,pb,FO,qO,zO,GO,ub,rW,nW,iW,fb=E(()=>{cb();bd="\x1B",VO="\x9B",eW=39,db="\x07",BO="[",tW="]",WO="m",pb=`${tW}8;;`,FO=new RegExp(`(?:\\${BO}(?<code>\\d+)m... ... L10: `),i=e.split(` L11: `),n=Math.max(r.length,i.length),o=[];for(let s=0;s<n;s++)…
High
Cross File Remote Execution Context

Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.

dist/npx-cli/index.jsView on unpkg · L1
1#!/usr/bin/env node L2: var bB=Object.create;var md=Object.defineProperty;var vB=Object.getOwnPropertyDescriptor;var SB=Object.getOwnPropertyNames;var EB=Object.getPrototypeOf,wB=Object.prototype.hasOwnPr... L3: `);let d=OB(t);r=LB(sb(t),d)}}catch(c){let u=c.code;if(u!=="ENOENT"&&u!=="ENOTDIR")throw c}Ks(sb(r));let i=sb(r),n=MB(r),o=NB(i,`.${n}.${process.pid}.${PB(6).toString("hex")}.tmp`)... L4: `,"utf-8"),a;try{a=RB(r).mode&511}catch{}let l;try{l=a!==void 0?ob(o,"w",a):ob(o,"w");let c=0;for(;c<s.length;){let u=jB(l,s,c,s.length-c);if(u===0)throw new Error(`writeSync stall... L5: `)}finally{if(u!==void 0)try{ib(u)}catch{}}}}catch(c){if(l!==void 0)try{ib(l)}catch{}try{DB(o)}catch{}throw c}}var UB,kn=E(()=>{"use strict";hd();UB=process.platform==="win32"});im... L6: `)}var bd,VO,eW,db,BO,tW,WO,pb,FO,qO,zO,GO,ub,rW,nW,iW,fb=E(()=>{cb();bd="\x1B",VO="\x9B",eW=39,db="\x07",BO="[",tW="]",WO="m",pb=`${tW}8;;`,FO=new RegExp(`(?:\\${BO}(?<code>\\d+)m... ... L10: `),i=e.split(` L11: `),n=Math.max(r.length,i.length),o=[];for(let s=0;s<n;s++)r[s]!==i[s]&&o.push(s);return{lines:o,numLinesBefore:r.length,numLinesAfter:i.length,numLines:n}}function Ve(t){return t==... L12: `).map((a,l,c)=>{l
Medium
Install Persistence

Source writes installer persistence such as shell profile or service configuration.

dist/npx-cli/index.jsView on unpkg · L1
openclaw/install.shView file
path = openclaw/install.sh kind = build_helper sizeBytes = 52177 magicHex = [redacted]
Medium
Ships Build Helper

Package ships non-JavaScript build or shell helper files.

openclaw/install.shView on unpkg
plugin/ui/assets/fonts/monaspace-radon-var.woff2View file
path = [redacted]-radon-var.woff2 kind = high_entropy_blob sizeBytes = 426972 magicHex = [redacted]
High
Ships High Entropy Blob

Package ships high-entropy non-source blobs.

plugin/ui/assets/fonts/monaspace-radon-var.woff2View on unpkg
plugin/scripts/worker-service.cjsView file
path = plugin/scripts/worker-service.cjs kind = oversized_source_file sizeBytes = 2433490 magicHex = [redacted]
High
Oversized Source File

Package contains source files above the static scanner size ceiling.

plugin/scripts/worker-service.cjsView on unpkg
path = plugin/scripts/worker-service.cjs kind = oversized_cli_entrypoint sizeBytes = 2433490 magicHex = [redacted]
Medium
Oversized Cli Entrypoint

Package contains an oversized executable-looking CLI entrypoint.

plugin/scripts/worker-service.cjsView on unpkg

Findings

3 Critical9 High8 Medium7 Low
CriticalSame File Env Network Executiondist/npx-cli/index.js
CriticalCredential Exfiltrationdist/npx-cli/index.js
CriticalTrigger Reachable Dangerous Capabilitydist/npx-cli/index.js
HighChild Processdist/index.js
HighShelldist/index.js
HighEvaldist/npx-cli/index.js
HighCommand Output Exfiltrationdist/npx-cli/index.js
HighSandbox Evasion Gated Capabilitydist/npx-cli/index.js
HighObfuscated Payload Loaderdist/npx-cli/index.js
HighCross File Remote Execution Contextdist/npx-cli/index.js
HighShips High Entropy Blobplugin/ui/assets/fonts/monaspace-radon-var.woff2
HighOversized Source Fileplugin/scripts/worker-service.cjs
MediumDynamic Requiredist/index.js
MediumNetwork
MediumEnvironment Vars
MediumInstall Persistencedist/npx-cli/index.js
MediumProtestware
MediumShips Build Helperopenclaw/install.sh
MediumOversized Cli Entrypointplugin/scripts/worker-service.cjs
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowTelemetry
LowUrl Strings