registry  /  claude-yes  /  1.169.0

claude-yes@1.169.0

⚠ Under review

A wrapper tool that automates interactions with various AI CLI tools by automatically handling common prompts and responses.

Static Scan Results

scanned 8d ago · by rust-scanner

Static analysis flagged 18 finding(s) at 93.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNativeBindingsNetworkShellWebSocket
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 149 file(s), 1.20 MB of source, external domains: 127.0.0.1, 192.168.1.5, agent-yes.com, ay.local, example.com, github.com, raw.githubusercontent.com, registry.npmjs.org, rtc.live.cloudflare.com, rustup.rs

Source & flagged code

10 flagged · loading source
dist/versionChecker-CL0RTOKo.jsView file
1import { execFileSync } from "child_process"; L2: import { existsSync, lstatSync, readFileSync, readlinkSync } from "fs";
High
Child Process

Package source references child process execution.

dist/versionChecker-CL0RTOKo.jsView on unpkg · L1
114try { L115: const { execaCommand } = await import("execa"); L116: await execaCommand(installCmd, { stdio: "inherit" });
High
Shell

Package source references shell execution.

dist/versionChecker-CL0RTOKo.jsView on unpkg · L114
114package = claude-yes; repositoryIdentity = agent-yes; dependency = execa L114: try { L115: const { execaCommand } = await import("execa"); L116: await execaCommand(installCmd, { stdio: "inherit" });
High
Copied Package Dependency Bridge

Package metadata claims a different repository identity while copied source loads a runtime dependency bridge.

dist/versionChecker-CL0RTOKo.jsView on unpkg · L114
111async function runInstall(latestVersion) { L112: const installCmd = detectPackageManager() === "bun" ? `bun add -g ${CANONICAL_PKG_NAME}@${latestVersion}` : `npm install -g ${CANONICAL_PKG_NAME}@${latestVersion}`; L113: process.stderr.write(`\x1b[33m[agent-yes] Updating ${getInstalledPackage().version} → ${latestVersion}…\x1b[0m\n`); L114: try { L115: const { execaCommand } = await import("execa"); L116: await execaCommand(installCmd, { stdio: "inherit" });
High
Runtime Package Install

Package source invokes a package manager install command at runtime.

dist/versionChecker-CL0RTOKo.jsView on unpkg · L111
dist/agent-yes.config-Bl08kMpl.jsView file
213const legacyConfigs = await Promise.all([ L214: import(path.resolve(os.homedir(), ".agent-yes/config.ts")).catch(() => ({ default: {} })).then((mod) => mod.default), L215: import(path.resolve(process.cwd(), "node_modules/.agent-yes/config.ts")).catch(() => ({ default: {} })).then((mod) => mod.default),
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/agent-yes.config-Bl08kMpl.jsView on unpkg · L213
dist/schedule-CQge8oP_.jsView file
59stdin: "ignore", L60: stdout: capture ? "pipe" : "inherit", L61: stderr: capture ? "pipe" : "inherit" L62: }); L63: const out = capture ? await new Response(p.stdout).text() : ""; L64: return { ... L71: if (!oxmgrBin) { L72: process.stderr.write("ay schedule: oxmgr not found\n install with: cargo install oxmgr\n or: bun add -g oxmgr\n"); L73: return 1;
Low
Weak Crypto

Package source references weak cryptographic algorithms.

dist/schedule-CQge8oP_.jsView on unpkg · L59
dist/ts-DBYdQgbR.jsView file
676try { L677: execSync(`${cargoCmd} --version`, { stdio: "ignore" }); L678: } catch { L679: console.warn("Warning: Rust/Cargo not found. bun-pty native module may not work."); L680: console.warn("To fix this, install Rust: https://rustup.rs/"); L681: return; ... L684: const isWindows = platform === "win32"; L685: const tempBase = isWindows ? process.env.TEMP || "C:\\Temp" : "/tmp"; L686: if (!existsSync(join(rustPtyDir, "Cargo.toml"))) {
High
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution; review context before blocking.

dist/ts-DBYdQgbR.jsView on unpkg · L676
dist/share-D_e2Fwiy.jsView file
21async function getIceServers() { L22: const keyId = process.env.CF_TURN_KEY_ID; L23: const apiToken = process.env.CF_TURN_API_TOKEN; ... L27: try { L28: const r = await fetch(`https://rtc.live.cloudflare.com/v1/turn/keys/${keyId}/credentials/generate-ice-servers`, { L29: method: "POST", ... L33: }, L34: body: JSON.stringify({ ttl }), L35: signal: AbortSignal.timeout(5e3) ... L37: if (!r.ok) throw new Error(`Cloudflare TURN ${r.status}`); L38: const j = await r.json(); L39: const servers = j.iceServers?.length ? j.iceServers : STUN;
High
Credential Exfiltration

Source combines credential-like environment material and outbound requests; review data flow before blocking.

dist/share-D_e2Fwiy.jsView on unpkg · L21
examples/gcp.shView file
path = examples/gcp.sh kind = build_helper sizeBytes = 2338 magicHex = [redacted]
Medium
Ships Build Helper

Package ships non-JavaScript build or shell helper files.

examples/gcp.shView on unpkg
dist/cli.jsView file
matchType = previous_version_dangerous_delta matchedPackage = claude-yes@1.162.0 matchedIdentity = npm:Y2xhdWRlLXllcw:1.162.0 similarity = 0.767 summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version.

dist/cli.jsView on unpkg

Findings

1 Critical6 High5 Medium6 Low
CriticalPrevious Version Dangerous Deltadist/cli.js
HighChild Processdist/versionChecker-CL0RTOKo.js
HighShelldist/versionChecker-CL0RTOKo.js
HighSame File Env Network Executiondist/ts-DBYdQgbR.js
HighCredential Exfiltrationdist/share-D_e2Fwiy.js
HighCopied Package Dependency Bridgedist/versionChecker-CL0RTOKo.js
HighRuntime Package Installdist/versionChecker-CL0RTOKo.js
MediumDynamic Requiredist/agent-yes.config-Bl08kMpl.js
MediumNetwork
MediumEnvironment Vars
MediumShips Build Helperexamples/gcp.sh
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowWeak Cryptodist/schedule-CQge8oP_.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings