registry  /  expert-ai  /  0.6.1

expert-ai@0.6.1

Expert AI - Intelligent Research Agent with PI Framework

Static Scan Results

scanned 3h ago · by rust-scanner

Static analysis flagged 13 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNetworkShell
Supply chain
HighEntropyStringsMinifiedUrlStrings
ManifestNo manifest risk signals triggered.
scanned 135 file(s), 1.51 MB of source, external domains: api.github.com, claude.ai, cli.github.com, expert-ai-gateway.arthouse.workers.dev, git-scm.com, github.com, mariozechner.at, mistral.ai, pi.dev, registry.npmjs.org, ssv.asia

Source & flagged code

6 flagged · loading source
bin/x.jsView file
6import { homedir } from "node:os"; L7: import { spawn } from "node:child_process"; L8:
High
Child Process

Package source references child process execution.

bin/x.jsView on unpkg · L6
76if (process.platform === "win32") { L77: // `start` is a cmd builtin, not an exe — must go through cmd.exe. The "" is the window title. L78: spawn("cmd", ["/c", "start", "", url], { stdio: "ignore", detached: true }).unref();
High
Shell

Package source references shell execution.

bin/x.jsView on unpkg · L76
6import { homedir } from "node:os"; L7: import { spawn } from "node:child_process"; L8: L9: const __filename = fileURLToPath(import.meta.url); L10: const __dirname = dirname(__filename); L11: ... L18: L19: const WORKER_URL = "https://expert-ai-gateway.arthouse.workers.dev"; L20: const HOME_DIR = resolve(homedir(), ".expert-ai-terminal"); ... L46: try { L47: const s = JSON.parse(readFileSync(SESSION_FILE, "utf-8")); L48: if (s.token && s.sessionExpires && s.sessionExpires > Math.floor(Date.now() / 1000)) return s;
High
Sandbox Evasion Gated Capability

Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.

bin/x.jsView on unpkg · L6
209package = expert-ai; repositoryIdentity = expert-ai-terminal; dependency = qrcode-terminal L209: L210: let qr; try { qr = (await import("qrcode-terminal")).default; } catch {} L211: console.log(`\n${c.bold}${tierLabel}${kind === "monthly" ? " (Monthly)" : ""} — ₹${rupees}${c.reset}\n`);
High
Copied Package Dependency Bridge

Package metadata claims a different repository identity while copied source loads a runtime dependency bridge.

bin/x.jsView on unpkg · L209
bin/qt.cjsView file
32const chalk = _styler([]); L33: const inquirer = require('inquirer'); L34: const fse = require('fs-extra');
Medium
Dynamic Require

Package source references dynamic require/import behavior.

bin/qt.cjsView on unpkg · L32
bin/xpi.jsView file
45const r = process.platform === "win32" L46: ? spawnSync(`npm install ${pkg} --prefix "${RAW_PI_PREFIX}" --no-audit --no-fund --loglevel error`, { stdio: "inherit", shell: true }) L47: : spawnSync("npm", ["install", pkg, "--prefix", RAW_PI_PREFIX, "--no-audit", "--no-fund", "--loglevel", "error"], { stdio: "inherit" });
High
Runtime Package Install

Package source invokes a package manager install command at runtime.

bin/xpi.jsView on unpkg · L45

Findings

5 High4 Medium4 Low
HighChild Processbin/x.js
HighShellbin/x.js
HighSandbox Evasion Gated Capabilitybin/x.js
HighCopied Package Dependency Bridgebin/x.js
HighRuntime Package Installbin/xpi.js
MediumDynamic Requirebin/qt.cjs
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings