fraim-framework@2.0.189

⚠ Under review

FRAIM: AI Workforce Infrastructure — the organizational capability that turns AI agents into an accountable workforce, their operators into capable AI managers, and executives into leaders with clear optics on AI proficiency.

Static Scan Results

scanned 7h ago · by rust-scanner

Static analysis flagged 17 finding(s) at 93.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected; the diff against the previous stored version introduced dangerous source.

Decision evidence (public snapshot)

Behavioral surface
Source: Child Process, Crypto, Dynamic Require, Environment Vars, Filesystem, Network
Supply chain: High Entropy Strings, Url Strings
Manifest: No manifest risk signals triggered.

Scanned 186 file(s), 2.34 MB of source. External domains: 127.0.0.1, accounts.google.com, ai.google.dev, antigravity.google, api.anthropic.com, api.dicebear.com, api.github.com, api.githubcopilot.com, api.stripe.com, app.seekout.com, astral.sh, cdn.jsdelivr.net, checkout.stripe.com, claude.ai, code.visualstudio.com, cursor.com, design.claude.ai, dev.azure.com, docs.astral.sh, docs.github.com, docs.gitlab.com, docs.microsoft.com, fonts.googleapis.com, fonts.gstatic.com, fraim.wellnessatwork.me, fraimworks.ai, github.com, gitlab.com, hooks.stripe.com, id.atlassian.com, js.stripe.com, kiro.dev, oauth2.googleapis.com, openai.com, support.atlassian.com, support.claude.com, windsurf.com, www.anthropic.com, www.claude.ai, www.fraimworks.ai, www.indeed.com, www.linkedin.com, x.ai

Source & flagged code

9 flagged

File: package.json
scripts.postinstall = node ./bin/fraim.js sync --skip-updates || echo 'FRAIM setup skipped.'
High: Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
Location: package.json
File: package.json
scripts.postinstall = node ./bin/fraim.js sync --skip-updates || echo 'FRAIM setup skipped.'
Medium: Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
Location: package.json
File: dist/src/core/utils/git-utils.js
L9: exports.sanitizeRepoIdentifier = sanitizeRepoIdentifier;
L10: const child_process_1 = require("child_process");
L11: function extractLocalFolderLabel(rawPath) {
High: Child Process
Package source references child process execution.
Location: dist/src/core/utils/git-utils.js, L9
File: bin/fraim.js
L10: // In production/installed package, code is in dist/
L11: require('../dist/src/cli/fraim.js');
L12: } catch (error) {
Medium: Dynamic Require
Package source references dynamic require/import behavior.
Location: bin/fraim.js, L10
File: dist/src/ai-hub/word-sideload.js
L21: const os_1 = __importDefault(require("os"));
L22: const child_process_1 = require("child_process");
L23: const MANIFEST_GUID = 'd1090951-50cf-4cf2-9d12-b0f8541d265c';
...
L26: path_1.default.resolve(projectPath, 'extensions/office-word/manifest.xml'),
L27: path_1.default.resolve(__dirname, '..', '..', 'extensions/office-word/manifest.xml'),
L28: path_1.default.resolve(__dirname, '..', '..', '..', 'extensions/office-word/manifest.xml'),
...
L32: function isSideloaded() {
L33: if (process.platform === 'win32') {
L34: const result = (0, child_process_1.spawnSync)('reg', [
...
L38: ], { encoding: 'utf8' });
L39: return result.status === 0 && result.stdout.includes(MANIFEST_GUID);
L40: }
Medium: Install Persistence
Source writes installer persistence such as shell profile or service configuration.
Location: dist/src/ai-hub/word-sideload.js, L21
File: dist/src/cli/doctor/checks/mcp-connectivity-checks.js
L53: const child_process_1 = require("child_process");
L54: const axios_1 = __importDefault(require("axios"));
L55: const toml = __importStar(require("toml"));
...
L68: try {
L69: const command = process.platform === 'win32' ? (process.env.ComSpec || 'cmd.exe') : 'npm';
L70: const args = process.platform === 'win32' ? ['/d', '/s', '/c', 'npm --version'] : ['--version'];
High: Same File Env Network Execution
A single source file combines environment access, network access, and code or shell execution; review context before blocking.
Location: dist/src/cli/doctor/checks/mcp-connectivity-checks.js, L53
File: dist/src/cli/commands/override.js
L10: const chalk_1 = __importDefault(require("chalk"));
L11: const axios_1 = __importDefault(require("axios"));
L12: const git_utils_1 = require("../../core/utils/git-utils");
...
L20: .action(async (registryPath, options) => {
L21: const projectRoot = process.cwd();
L22: const configPath = (0, project_fraim_paths_1.getWorkspaceConfigPath)(projectRoot);
...
L61: if (fs_1.default.existsSync(configPath)) {
L62: config = JSON.parse(fs_1.default.readFileSync(configPath, 'utf-8'));
L63: }
...
L65: if (isLocal) {
L66: const localPort = process.env.FRAIM_MCP_PORT ? parseInt(process.env.FRAIM_MCP_PORT) : (0, git_utils_1.getPort)();
L67: serverUrl = `http://localhost:${localPort}`;
High: Sandbox Evasion Gated Capability
Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
Location: dist/src/cli/commands/override.js, L10
File: dist/src/cli/setup/user-level-sync.js
L95: try {
L96: (0, child_process_1.execSync)('npm install --no-audit --no-fund --no-save --no-package-lock --omit=dev', {
L97: cwd: baseDir,
High: Runtime Package Install
Package source invokes a package manager install command at runtime.
Location: dist/src/cli/setup/user-level-sync.js, L95
File: dist/src/cli/commands/add-provider.js
matchType = previous_version_dangerous_delta
matchedPackage = fraim-framework@2.0.183
matchedIdentity = npm:ZnJhaW0tZnJhbWV3b3Jr:2.0.183
similarity = 0.850
summary = stored previous version shares package body but lacks this dangerous source file
Critical: Previous Version Dangerous Delta
This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
Location: dist/src/cli/commands/add-provider.js

Findings

1 Critical · 5 High · 6 Medium · 5 Low

Critical: Previous Version Dangerous Delta (dist/src/cli/commands/add-provider.js)
High: Install Time Lifecycle Scripts (package.json)
High: Child Process (dist/src/core/utils/git-utils.js)
High: Same File Env Network Execution (dist/src/cli/doctor/checks/mcp-connectivity-checks.js)
High: Sandbox Evasion Gated Capability (dist/src/cli/commands/override.js)
High: Runtime Package Install (dist/src/cli/setup/user-level-sync.js)
Medium: Ambiguous Install Lifecycle Script (package.json)
Medium: Dynamic Require (bin/fraim.js)
Medium: Network
Medium: Environment Vars
Medium: Install Persistence (dist/src/ai-hub/word-sideload.js)
Medium: Structural Risk Force Deep Review
Low: Non Install Lifecycle Scripts
Low: Scripts Present
Low: Filesystem
Low: High Entropy Strings
Low: Url Strings