registry  /  forge-executor  /  2.0.1

forge-executor@2.0.1

Forge Executor — autonomous multi-LLM engineering harness: milestones, dialectic reviews, aptitude-based routing (Claude, GPT, Grok) with markdown-as-truth state

Static Scan Results

scanned 9h ago · by rust-scanner

Static analysis flagged 16 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNetworkShell
Supply chain
HighEntropyStringsObfuscatedUrlStrings
ManifestNo manifest risk signals triggered.
scanned 1,246 file(s), 11.3 MB of source, external domains: 10.0.0.5, 127.0.0.1, 192.168.1.1, ai-gateway.vercel.sh, antigravity.google, api-dashboard.search.brave.com, api.anthropic.com, api.cerebras.ai, api.cloudflare.com, api.deepseek.com, api.fireworks.ai, api.github.com, api.groq.com, api.individual.githubcopilot.com, api.kimi.com, api.minimax.io, api.minimaxi.com, api.mistral.ai, api.moonshot.ai, api.moonshot.cn, api.openai.com, api.search.brave.com, api.tavily.com, api.telegram.org, api.together.ai, api.x.ai, api.xiaomimimo.com, api.z.ai, auth.openai.com, bedrock-runtime.eu-central-1.amazonaws.com, bedrock-runtime.us-east-1.amazonaws.com, chatgpt.com, claude.ai, cli.github.com, context7.com, discord.com, example.com, example.dev, example.test, exemplo.dev, fake.gsd.local, gateway.ai.cloudflare.com, generativelanguage.googleapis.com, git-scm.com, github.com, my-proxy.example.com, ollama.com, opencode.ai, opengsd.net, openrouter.ai

Source & flagged code

7 flagged · loading source
package.jsonView file
scripts.postinstall = node scripts/install.js
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.postinstall = node scripts/install.js
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg
dist/resources/extensions/bg-shell/bg-shell-lifecycle.jsView file
23try { L24: const { listDescendants } = require("@gsd/native"); L25: const descendants = listDescendants(process.pid);
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/resources/extensions/bg-shell/bg-shell-lifecycle.jsView on unpkg · L23
src/resources/extensions/browser-tools/tests/browser-tools-unit.test.cjsView file
146const mockState = { L147: url: "http://localhost:3000/dashboard", L148: title: "Dashboard", ... L480: const contextRoot = mkdtempSync(join(tmpdir(), "browser-tools-context-")); L481: const previousCwd = process.cwd(); L482: t.after(() => {
Medium
Unsafe Vm Context

Package source executes code through a VM context API.

src/resources/extensions/browser-tools/tests/browser-tools-unit.test.cjsView on unpkg · L146
dist/resources/extensions/claude-code-cli/stream-adapter.jsView file
11import { EventStream } from "@gsd/pi-ai"; L12: import { execSync } from "node:child_process"; L13: import { createHash } from "node:crypto"; ... L39: export function resolveClaudeCodeCwd(options) { L40: return options?.cwd && options.cwd.trim().length > 0 ? options.cwd : process.cwd(); L41: } ... L44: /** Regex pattern that identifies field names and descriptions that should be treated as sensitive/secure inputs. */ L45: const SENSITIVE_FIELD_PATTERN = /(password|passphrase|secret|token|api[_\s-]*key|private[_\s-]*key|credential)/i; L46: /** Mirrors @opengsd/mcp-server's ask_user_questions host elicitation timeout. */ ... L97: /** Return the shell command used to locate the `claude` binary on the given platform. */ L98: export function getClaudeLookupCommand(platform = process.platform) { L99: return platform === "win32" ? "where claude" : "which claude";
Low
Weak Crypto

Package source references weak cryptographic algorithms.

dist/resources/extensions/claude-code-cli/stream-adapter.jsView on unpkg · L11
dist/resources/extensions/voice/speech-recognizer.pyView file
path = [redacted]-recognizer.py kind = build_helper sizeBytes = 16970 magicHex = [redacted]
Medium
Ships Build Helper

Package ships non-JavaScript build or shell helper files.

dist/resources/extensions/voice/speech-recognizer.pyView on unpkg
src/resources/skills/github-workflows/references/gh/tests/test_github_project_setup.pyView file
path = src/resources/skills/github-workflows/references/gh/tests/test_github_project_setup.py kind = payload_in_excluded_dir sizeBytes = 24877 magicHex = [redacted]
High
Payload In Excluded Dir

Package hides binary, compressed, or executable-looking payloads in test/fixture/hidden paths.

src/resources/skills/github-workflows/references/gh/tests/test_github_project_setup.pyView on unpkg

Findings

2 High7 Medium7 Low
HighInstall Time Lifecycle Scriptspackage.json
HighPayload In Excluded Dirsrc/resources/skills/github-workflows/references/gh/tests/test_github_project_setup.py
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumDynamic Requiredist/resources/extensions/bg-shell/bg-shell-lifecycle.js
MediumUnsafe Vm Contextsrc/resources/extensions/browser-tools/tests/browser-tools-unit.test.cjs
MediumNetwork
MediumEnvironment Vars
MediumShips Build Helperdist/resources/extensions/voice/speech-recognizer.py
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowWeak Cryptodist/resources/extensions/claude-code-cli/stream-adapter.js
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings