registry  /  create-mastra  /  1.17.0

create-mastra@1.17.0

Create Mastra apps with one command

Static Scan Results

scanned 6d ago · by rust-scanner

Static analysis flagged 13 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystemNetworkShell
Supply chain
HighEntropyStringsTelemetryUrlStrings
ManifestNo manifest risk signals triggered.
scanned 5 file(s), 534 KB of source, external domains: api.open-meteo.com, app.posthog.com, gateway-api.mastra.ai, gateway-api.staging.mastra.ai, geocoding-api.open-meteo.com, github.com, mastra.ai, nodejs.org, platform.mastra.ai, projects.mastra.ai, qntm.org, raw.githubusercontent.com, studio.mastra.ai, studio.staging.mastra.ai, us.posthog.com

Source & flagged code

5 flagged · loading source
dist/index.jsView file
2import { Command } from 'commander'; L3: import child_process, { execFileSync, ChildProcess, execFile, spawnSync, spawn } from 'node:child_process'; L4: import { randomBytes, randomUUID } from 'node:crypto';
High
Child Process

Package source references child process execution.

dist/index.jsView on unpkg · L2
14import util, { debuglog, stripVTControlCharacters, inspect, promisify, callbackify, aborted, styleText } from 'node:util'; L15: import process$2, { platform, hrtime, execPath, execArgv, stdout, stdin } from 'node:process'; L16: import tty, { ReadStream } from 'node:tty';
High
Shell

Package source references shell execution.

dist/index.jsView on unpkg · L14
16066const installCommand = shellQuote.quote([pm, "install"]); L16067: await exec(installCommand, { L16068: cwd: projectPath ... L16075: } L16076: var TEMPLATES_API_URL = process.env.MASTRA_TEMPLATES_API_URL || "https://mastra.ai/api/templates.json"; L16077: async function loadTemplates() {
High
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution; review context before blocking.

dist/index.jsView on unpkg · L16066
8919// If `subprocess.stdin` is destroyed before being fully written to, it is considered aborted and should throw an error. L8920: // This can happen for example when user called `subprocess.stdin.destroy()` before `subprocess.stdin.end()`. L8921: // However, Node.js calls `subprocess.stdin.destroy()` on exit for cleanup purposes. L8922: // https://github.[redacted]child_process.js#L278 L8923: // This is normal and should not throw an error. ... L8928: // The only way to detect this is to spy on `subprocess.stdin._destroy()` by wrapping it. L8929: // If `subprocess.exitCode` or `subprocess.signalCode` is set, it means `.destroy()` is being called by Node.js itself. L8930: const handleStdinDestroy = (stream, {originalStreams: [originalStdin], subprocess}) => {
High
Command Output Exfiltration

Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.

dist/index.jsView on unpkg · L8919
2import { Command } from 'commander'; L3: import child_process, { execFileSync, ChildProcess, execFile, spawnSync, spawn } from 'node:child_process'; L4: import { randomBytes, randomUUID } from 'node:crypto'; ... L7: import fs4__default__default, { readFile, mkdir, writeFile, chmod, unlink } from 'node:fs/promises'; L8: import { createServer } from 'node:http'; L9: import os, { homedir, release, constants } from 'node:os'; ... L14: import util, { debuglog, stripVTControlCharacters, inspect, promisify, callbackify, aborted, styleText } from 'node:util'; L15: import process$2, { platform, hrtime, execPath, execArgv, stdout, stdin } from 'node:process'; L16: import tty, { ReadStream } from 'node:tty'; ... L90: // with no body, we should not to set Content-Type L91: serializedBody === void 0 || // if serialized body is FormData; browser will correctly set Content-Type & boundary expression L92: serializedBody instanceof FormData ? {} : {
High
Sandbox Evasion Gated Capability

Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.

dist/index.jsView on unpkg · L2

Findings

5 High3 Medium5 Low
HighChild Processdist/index.js
HighShelldist/index.js
HighSame File Env Network Executiondist/index.js
HighCommand Output Exfiltrationdist/index.js
HighSandbox Evasion Gated Capabilitydist/index.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowTelemetry
LowUrl Strings