registry  /  claude-mem  /  13.9.2

claude-mem@13.9.2

⚠ Under review

Memory compression system for Claude Code - persist context across sessions

Static Scan Results

scanned 12d ago · by rust-scanner

Static analysis flagged 27 finding(s) at 86.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
High-risk behavior combination matched malicious policy.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsEvalFilesystemNativeBindingsNetworkShell
Supply chain
HighEntropyStringsMinifiedObfuscatedProtestwareTelemetryUrlStrings
ManifestNo manifest risk signals triggered.
scanned 20 file(s), 5.61 MB of source, external domains: 127.0.0.1, api.anthropic.com, api.telegram.org, astral.sh, bun.sh, claude.ai, cmem.ai, docs.claude-mem.ai, generativelanguage.googleapis.com, git.new, github.com, json-schema.org, opencode.ai, openrouter.ai, raw.githubusercontent.com, react.dev, us.i.posthog.com, www.w3.org, yoursite.com
Oversized source lightweight scan
plugin/scripts/worker-service.cjs2.43 MB file, sampled 256 KB
FilesystemChildProcessEnvironmentVarsEvalHighEntropyStringsMinifiedUrlStringsraw.githubusercontent.com

Source & flagged code

17 flagged · loading source
dist/index.jsView file
1702import { StdioClientTransport } from "@[redacted].js"; L1703: import { execFile as execFile2, execSync, spawn as spawn2 } from "child_process"; L1704: import { promisify as promisify2 } from "util";
High
Child Process

Package source references child process execution.

dist/index.jsView on unpkg · L1702
2065// Give files time to sync before restart L2066: POWERSHELL_COMMAND: 1e4, L2067: // PowerShell process enumeration (10s - typically completes in <1s)
High
Shell

Package source references shell execution.

dist/index.jsView on unpkg · L2065
2818try { L2819: const treeKillModule = await import(moduleName); L2820: return treeKillModule.default ?? treeKillModule;
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/index.jsView on unpkg · L2818
dist/npx-cli/index.jsView file
95`)}debug(e,r,i,n){this.log(0,e,r,i,n)}info(e,r,i,n){this.log(1,e,r,i,n)}warn(e,r,i,n){this.log(2,e,r,i,n)}setErrorSink(e){bb=e}error(e,r,i,n){this.log(3,e,r,i,n),this.routeErrorToS... L96: `)[2]||"").match(/at\s+(?:.*\s+)?\(?([^:]+):(\d+):(\d+)\)?/),u=c?`${c[1].split("/").pop()}:${c[2]}`:"unknown",d={...i,location:u};return this.warn(e,`[HAPPY-PATH] ${r}`,d,n),o}},T=... L97: `)}function wd(){let t=_i();if(t?.installId)return t.installId;let e=m3();return Rs({installId:e,decidedAt:""}),e}var lA,xd=v(()=>{"use strict";rt();xs();lA="telemetry.json"});func... L98: `);return}let n=fA();if(!n)return;let o=new AbortController,s=setTimeout(()=>o.abort(),S3);try{await fetch(`${hA()}/capture/`,{method:"POST",headers:{"Content-Type":"application/js...
Critical
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution with blocking evidence.

dist/npx-cli/index.jsView on unpkg · L95
1#!/usr/bin/env node L2: var JV=Object.create;var od=Object.defineProperty;var $V=Object.getOwnPropertyDescriptor;var qV=Object.getOwnPropertyNames;var zV=Object.getPrototypeOf,GV=Object.prototype.hasOwnPr... L3: `,"utf-8"),a;try{a=rW(r).mode&511}catch{}let l;try{l=a!==void 0?Hg(o,"w",a):Hg(o,"w");let c=0;for(;c<s.length;){let u=iW(l,s,c,s.length-c);if(u===0)throw new Error(`writeSync stall... L4: `)}var ud,JO,bW,tb,$O,vW,qO,rb,MO,LO,UO,FO,eb,EW,SW,IW,nb=v(()=>{Qg();ud="\x1B",JO="\x9B",bW=39,tb="\x07",$O="[",vW="]",qO="m",rb=`${vW}8;;`,MO=new RegExp(`(?:\\${$O}(?<code>\\d+)m... ... L8: `),i=e.split(` L9: `),n=Math.max(r.length,i.length),o=[];for(let s=0;s<n;s++)r[s]!==i[s]&&o.push(s);return{lines:o,numLinesBefore:r.length,numLinesAfter:i.length,numLines:n}}function Ge(t){return t==... L10: `).map((a,l,c)=>{let u=o?o(a,l):a;return l===0?`${i}${u}`:l===c.length-1?`${n}${u}`:`${r}${u}`}).join(` ... L95: `)}debug(e,r,i,n){this.log(0,e,r,i,n)}info(e,r,i,n){this.log(1,e,r,i,n)}warn(e,r,i,n){this.log(2,e,r,i,n)}setErrorSink(e){bb=e}error(e,r,i,n){this.log(3,e,r,i,n),this.routeErrorToS... L96: `)[2]||"").match(/at\s+(?:.*\s+)?\(?([^:]+):(\d+):(\d+)\)?/),u=c?`${c[1].split("/").pop()}:${c
Critical
Credential Exfiltration

Source appears to send environment or credential material to an external endpoint.

dist/npx-cli/index.jsView on unpkg · L1
1Trigger-reachable chain: manifest.bin -> dist/npx-cli/index.js L1: #!/usr/bin/env node L2: var JV=Object.create;var od=Object.defineProperty;var $V=Object.getOwnPropertyDescriptor;var qV=Object.getOwnPropertyNames;var zV=Object.getPrototypeOf,GV=Object.prototype.hasOwnPr... L3: `,"utf-8"),a;try{a=rW(r).mode&511}catch{}let l;try{l=a!==void 0?Hg(o,"w",a):Hg(o,"w");let c=0;for(;c<s.length;){let u=iW(l,s,c,s.length-c);if(u===0)throw new Error(`writeSync stall... L4: `)}var ud,JO,bW,tb,$O,vW,qO,rb,MO,LO,UO,FO,eb,EW,SW,IW,nb=v(()=>{Qg();ud="\x1B",JO="\x9B",bW=39,tb="\x07",$O="[",vW="]",qO="m",rb=`${vW}8;;`,MO=new RegExp(`(?:\\${$O}(?<code>\\d+)m... ... L8: `),i=e.split(` L9: `),n=Math.max(r.length,i.length),o=[];for(let s=0;s<n;s++)r[s]!==i[s]&&o.push(s);return{lines:o,numLinesBefore:r.length,numLinesAfter:i.length,numLines:n}}function Ge(t){return t==... L10: `).map((a,l,c)=>{let u=o?o(a,l):a;return l===0?`${i}${u}`:l===c.length-1?`${n}${u}`:`${r}${u}`}).join(` ... L95: `)}debug(e,r,i,n){this.log(0,e,r,i,n)}info(e,r,i,n){this.log(1,e,r,i,n)}warn(e,r,i,n){this.log(2,e,r,i,n)}setErrorSink(e){bb=e}error(e,r,i,n){this.log(3,e,r,i,n),this.routeErrorToS... L96: `)[2]||"").match(/at\s+(?:.*\s…
Critical
Trigger Reachable Dangerous Capability

A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.

dist/npx-cli/index.jsView on unpkg · L1
8`),i=e.split(` L9: `),n=Math.max(r.length,i.length),o=[];for(let s=0;s<n;s++)r[s]!==i[s]&&o.push(s);return{lines:o,numLinesBefore:r.length,numLinesAfter:i.length,numLines:n}}function Ge(t){return t==... L10: `).map((a,l,c)=>{let u=o?o(a,l):a;return l===0?`${i}${u}`:l===c.length-1?`${n}${u}`:`${r}${u}`}).join(`
Critical
Protestware

Package source matches protestware-related patterns.

dist/npx-cli/index.jsView on unpkg · L8
1184`),c&&(m+="Error resolving package: "+c.message+` L1185: `),new Error(m);function p(y){var I=N_(mn.join(y,"prebuilds")).map(y2),_=I.filter(g2(hh,fh)).sort(b2)[0];if(_)return f(mn.join(y,"prebuilds",_.name))}function f(y){var I=N_(y).map(... L1186: $`+Buffer.byteLength(this.name)+`\r
High
Eval

Package source references dynamic code evaluation.

dist/npx-cli/index.jsView on unpkg · L1184
87${a} L88: `}}}}).prompt()});function WW(t){return(VW??process.stderr.write.bind(process.stderr))(t)}function yb(t){WW(t)}var VW,gb=v(()=>{"use strict";VW=null});import{appendFileSync as ZW,e... L89: ${e.stack}`:e.message;if(Array.isArray(e))return`[${e.length} items]`;let r=Object.keys(e);return r.length===0?"{}":r.length<=3?JSON.stringify(e):`{${r.length} keys: ${r.slice(0,3)... ... L95: `)}debug(e,r,i,n){this.log(0,e,r,i,n)}info(e,r,i,n){this.log(1,e,r,i,n)}warn(e,r,i,n){this.log(2,e,r,i,n)}setErrorSink(e){bb=e}error(e,r,i,n){this.log(3,e,r,i,n),this.routeErrorToS... L96: `)[2]||"").match(/at\s+(?:.*\s+)?\(?([^:]+):(\d+):(\d+)\)?/),u=c?`${c[1].split("/").pop()}:${c[2]}`:"unknown",d={...i,location:u};return this.warn(e,`[HAPPY-PATH] ${r}`,d,n),o}},T=... L97: `)}function wd(){let t=_i();if(t?.installId)return t.installId;let e=m3();return Rs({installId:e,decidedAt:""}),e}var lA,xd=v(()=>{"use strict";rt();xs();lA="telemetry.json"});func... L98: `);return}let n=fA();if(!n)return;let o=new AbortController,s=setTimeout(()=>o.abort(),S3);try{await fetch(`${hA()}/capture/`,{method:"POST",headers:{"Content-Type":"application/js...
High
Command Output Exfiltration

Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.

dist/npx-cli/index.jsView on unpkg · L87
1#!/usr/bin/env node L2: var JV=Object.create;var od=Object.defineProperty;var $V=Object.getOwnPropertyDescriptor;var qV=Object.getOwnPropertyNames;var zV=Object.getPrototypeOf,GV=Object.prototype.hasOwnPr... L3: `,"utf-8"),a;try{a=rW(r).mode&511}catch{}let l;try{l=a!==void 0?Hg(o,"w",a):Hg(o,"w");let c=0;for(;c<s.length;){let u=iW(l,s,c,s.length-c);if(u===0)throw new Error(`writeSync stall... L4: `)}var ud,JO,bW,tb,$O,vW,qO,rb,MO,LO,UO,FO,eb,EW,SW,IW,nb=v(()=>{Qg();ud="\x1B",JO="\x9B",bW=39,tb="\x07",$O="[",vW="]",qO="m",rb=`${vW}8;;`,MO=new RegExp(`(?:\\${$O}(?<code>\\d+)m... ... L8: `),i=e.split(` L9: `),n=Math.max(r.length,i.length),o=[];for(let s=0;s<n;s++)r[s]!==i[s]&&o.push(s);return{lines:o,numLinesBefore:r.length,numLinesAfter:i.length,numLines:n}}function Ge(t){return t==... L10: `).map((a,l,c)=>{let u=o?o(a,l):a;return l===0?`${i}${u}`:l===c.length-1?`${n}${u}`:`${r}${u}`}).join(` ... L95: `)}debug(e,r,i,n){this.log(0,e,r,i,n)}info(e,r,i,n){this.log(1,e,r,i,n)}warn(e,r,i,n){this.log(2,e,r,i,n)}setErrorSink(e){bb=e}error(e,r,i,n){this.log(3,e,r,i,n),this.routeErrorToS... L96: `)[2]||"").match(/at\s+(?:.*\s+)?\(?([^:]+):(\d+):(\d+)\)?/),u=c?`${c[1].split("/").pop()}:${c
High
Sandbox Evasion Gated Capability

Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.

dist/npx-cli/index.jsView on unpkg · L1
1#!/usr/bin/env node L2: var JV=Object.create;var od=Object.defineProperty;var $V=Object.getOwnPropertyDescriptor;var qV=Object.getOwnPropertyNames;var zV=Object.getPrototypeOf,GV=Object.prototype.hasOwnPr... L3: `,"utf-8"),a;try{a=rW(r).mode&511}catch{}let l;try{l=a!==void 0?Hg(o,"w",a):Hg(o,"w");let c=0;for(;c<s.length;){let u=iW(l,s,c,s.length-c);if(u===0)throw new Error(`writeSync stall... L4: `)}var ud,JO,bW,tb,$O,vW,qO,rb,MO,LO,UO,FO,eb,EW,SW,IW,nb=v(()=>{Qg();ud="\x1B",JO="\x9B",bW=39,tb="\x07",$O="[",vW="]",qO="m",rb=`${vW}8;;`,MO=new RegExp(`(?:\\${$O}(?<code>\\d+)m... ... L8: `),i=e.split(` L9: `),n=Math.max(r.length,i.length),o=[];for(let s=0;s<n;s++)r[s]!==i[s]&&o.push(s);return{lines:o,numLinesBefore:r.length,numLinesAfter:i.length,numLines:n}}function Ge(t){return t==... L10: `).map((a,l,c)=>{let u=o?o(a,l):a;return l===0?`${i}${u}`:l===c.length-1?`${n}${u}`:`${r}${u}`}).join(` ... L95: `)}debug(e,r,i,n){this.log(0,e,r,i,n)}info(e,r,i,n){this.log(1,e,r,i,n)}warn(e,r,i,n){this.log(2,e,r,i,n)}setErrorSink(e){bb=e}error(e,r,i,n){this.log(3,e,r,i,n),this.routeErrorToS... L96: `)[2]||"").match(/at\s+(?:.*\s+)?\(?([^:]+):(\d+):(\d+)\)?/),u=c?`${c[1].split("/").pop()}:${c
High
Obfuscated Payload Loader

Source contains an obfuscator-style string-array loader that reconstructs and executes hidden code.

dist/npx-cli/index.jsView on unpkg · L1
1Cross-file remote execution chain: dist/npx-cli/index.js spawns openclaw/dist/index.js; helper contains network access plus dynamic code execution. L1: #!/usr/bin/env node L2: var JV=Object.create;var od=Object.defineProperty;var $V=Object.getOwnPropertyDescriptor;var qV=Object.getOwnPropertyNames;var zV=Object.getPrototypeOf,GV=Object.prototype.hasOwnPr... L3: `,"utf-8"),a;try{a=rW(r).mode&511}catch{}let l;try{l=a!==void 0?Hg(o,"w",a):Hg(o,"w");let c=0;for(;c<s.length;){let u=iW(l,s,c,s.length-c);if(u===0)throw new Error(`writeSync stall... L4: `)}var ud,JO,bW,tb,$O,vW,qO,rb,MO,LO,UO,FO,eb,EW,SW,IW,nb=v(()=>{Qg();ud="\x1B",JO="\x9B",bW=39,tb="\x07",$O="[",vW="]",qO="m",rb=`${vW}8;;`,MO=new RegExp(`(?:\\${$O}(?<code>\\d+)m... ... L8: `),i=e.split(` L9: `),n=Math.max(r.length,i.length),o=[];for(let s=0;s<n;s++)r[s]!==i[s]&&o.push(s);return{lines:o,numLinesBefore:r.length,numLinesAfter:i.length,numLines:n}}function Ge(t){return t==... L10: `).map((a,l,c)=>{let u=o?o(a,l):a;return l===0?`${i}${u}`:l===c.length-1?`${n}${u}`:`${r}${u}`}).join(` ... L95: `)}debug(e,r,i,n){this.log(0,e,r,i,n)}info(e,r,i,n){this.log(1,e,r,i,n)}warn(e,r,i,n){this.log(2,e,r,i,n)}setErrorSink(e){bb=e}error(e…
High
Cross File Remote Execution Context

Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.

dist/npx-cli/index.jsView on unpkg · L1
1#!/usr/bin/env node L2: var JV=Object.create;var od=Object.defineProperty;var $V=Object.getOwnPropertyDescriptor;var qV=Object.getOwnPropertyNames;var zV=Object.getPrototypeOf,GV=Object.prototype.hasOwnPr... L3: `,"utf-8"),a;try{a=rW(r).mode&511}catch{}let l;try{l=a!==void 0?Hg(o,"w",a):Hg(o,"w");let c=0;for(;c<s.length;){let u=iW(l,s,c,s.length-c);if(u===0)throw new Error(`writeSync stall... L4: `)}var ud,JO,bW,tb,$O,vW,qO,rb,MO,LO,UO,FO,eb,EW,SW,IW,nb=v(()=>{Qg();ud="\x1B",JO="\x9B",bW=39,tb="\x07",$O="[",vW="]",qO="m",rb=`${vW}8;;`,MO=new RegExp(`(?:\\${$O}(?<code>\\d+)m... ... L8: `),i=e.split(` L9: `),n=Math.max(r.length,i.length),o=[];for(let s=0;s<n;s++)r[s]!==i[s]&&o.push(s);return{lines:o,numLinesBefore:r.length,numLinesAfter:i.length,numLines:n}}function Ge(t){return t==... L10: `).map((a,l,c)=>{let u=o?o(a,l):a;return l===0?`${i}${u}`:l===c.length-1?`${n}${u}`:`${r}${u}`}).join(` ... L95: `)}debug(e,r,i,n){this.log(0,e,r,i,n)}info(e,r,i,n){this.log(1,e,r,i,n)}warn(e,r,i,n){this.log(2,e,r,i,n)}setErrorSink(e){bb=e}error(e,r,i,n){this.log(3,e,r,i,n),this.routeErrorToS... L96: `)[2]||"").match(/at\s+(?:.*\s+)?\(?([^:]+):(\d+):(\d+)\)?/),u=c?`${c[1].split("/").pop()}:${c
Medium
Install Persistence

Source writes installer persistence such as shell profile or service configuration.

dist/npx-cli/index.jsView on unpkg · L1
openclaw/install.shView file
path = openclaw/install.sh kind = build_helper sizeBytes = 52177 magicHex = [redacted]
Medium
Ships Build Helper

Package ships non-JavaScript build or shell helper files.

openclaw/install.shView on unpkg
plugin/ui/assets/fonts/monaspace-radon-var.woff2View file
path = [redacted]-radon-var.woff2 kind = high_entropy_blob sizeBytes = 426972 magicHex = [redacted]
High
Ships High Entropy Blob

Package ships high-entropy non-source blobs.

plugin/ui/assets/fonts/monaspace-radon-var.woff2View on unpkg
plugin/scripts/worker-service.cjsView file
path = plugin/scripts/worker-service.cjs kind = oversized_source_file sizeBytes = 2543050 magicHex = [redacted]
High
Oversized Source File

Package contains source files above the static scanner size ceiling.

plugin/scripts/worker-service.cjsView on unpkg
path = plugin/scripts/worker-service.cjs kind = oversized_cli_entrypoint sizeBytes = 2543050 magicHex = [redacted]
Medium
Oversized Cli Entrypoint

Package contains an oversized executable-looking CLI entrypoint.

plugin/scripts/worker-service.cjsView on unpkg

Findings

4 Critical9 High7 Medium7 Low
CriticalSame File Env Network Executiondist/npx-cli/index.js
CriticalCredential Exfiltrationdist/npx-cli/index.js
CriticalTrigger Reachable Dangerous Capabilitydist/npx-cli/index.js
CriticalProtestwaredist/npx-cli/index.js
HighChild Processdist/index.js
HighShelldist/index.js
HighEvaldist/npx-cli/index.js
HighCommand Output Exfiltrationdist/npx-cli/index.js
HighSandbox Evasion Gated Capabilitydist/npx-cli/index.js
HighObfuscated Payload Loaderdist/npx-cli/index.js
HighCross File Remote Execution Contextdist/npx-cli/index.js
HighShips High Entropy Blobplugin/ui/assets/fonts/monaspace-radon-var.woff2
HighOversized Source Fileplugin/scripts/worker-service.cjs
MediumDynamic Requiredist/index.js
MediumNetwork
MediumEnvironment Vars
MediumInstall Persistencedist/npx-cli/index.js
MediumShips Build Helperopenclaw/install.sh
MediumOversized Cli Entrypointplugin/scripts/worker-service.cjs
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowTelemetry
LowUrl Strings