registry  /  getprimer  /  0.14.2

getprimer@0.14.2

Shared memory for AI agents — works in Cursor, Claude Code, Windsurf, Zed, VS Code, and anything with MCP.

Static Scan Results

scanned 2h ago · by rust-scanner

Static analysis flagged 19 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsEvalFilesystemNetworkShell
Supply chain
HighEntropyStringsObfuscatedUrlStrings
ManifestNo manifest risk signals triggered.
scanned 4 file(s), 3.29 MB of source, external domains: 127.0.0.1, getprimer.cloud, github.com, json-schema.org, primer-presence.joshuajaimon8.workers.dev, primer-relay.primerctx.workers.dev, raw.githubusercontent.com, registry.npmjs.org, spec.openapis.org, stackoverflow.com, tools.ietf.org, www.apple.com, www.getprimer.cloud, www.safaribooksonline.com, www.w3.org, xffienfndbalfaawhaqp.supabase.co

Source & flagged code

11 flagged · loading source
out/cli.jsView file
21411patternName = supabase_service_key severity = critical line = 21411 matchedText = const SU...qI";
Critical
Critical Secret

Package contains a critical-looking secret pattern.

out/cli.jsView on unpkg · L21411
21411patternName = supabase_service_key severity = critical line = 21411 matchedText = const SU...qI";
Critical
Secret Pattern

Supabase service role key (JWT) in out/cli.js

out/cli.jsView on unpkg · L21411
340fs.writeFileSync(WIN_BAT_FILE(root), bat, "utf-8"); L341: cp.spawn("cmd.exe", ["/c", WIN_BAT_FILE(root)], { detached: true, stdio: "ignore" }).unref(); L342: return "startup";
High
Shell

Package source references shell execution.

out/cli.jsView on unpkg · L340
78await new Promise((r) => setTimeout(r, 1500)); L79: const health = await new Promise((resolve6) => { L80: const req = http.get(`http://127.0.0.1:${port}/health`, { timeout: 2e3 }, (res) => { ... L84: try { L85: resolve6(JSON.parse(data)); L86: } catch { ... L233: try { L234: cp.execSync(`launchctl unload "${plistPath}" 2>/dev/null`, { stdio: "pipe" }); L235: } catch { ... L340: fs.writeFileSync(WIN_BAT_FILE(root), bat, "utf-8"); L341: cp.spawn("cmd.exe", ["/c", WIN_BAT_FILE(root)], { detached: true, stdio: "ignore" }).unref(); L342: return "startup";
High
Host Fingerprint Exfiltration

Source collects local host identity data and sends it to an external endpoint.

out/cli.jsView on unpkg · L78
78await new Promise((r) => setTimeout(r, 1500)); L79: const health = await new Promise((resolve6) => { L80: const req = http.get(`http://127.0.0.1:${port}/health`, { timeout: 2e3 }, (res) => { ... L84: try { L85: resolve6(JSON.parse(data)); L86: } catch { ... L233: try { L234: cp.execSync(`launchctl unload "${plistPath}" 2>/dev/null`, { stdio: "pipe" }); L235: } catch { ... L340: fs.writeFileSync(WIN_BAT_FILE(root), bat, "utf-8"); L341: cp.spawn("cmd.exe", ["/c", WIN_BAT_FILE(root)], { detached: true, stdio: "ignore" }).unref(); L342: return "startup";
High
Sandbox Evasion Gated Capability

Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.

out/cli.jsView on unpkg · L78
out/daemon.jsView file
6889try { L6890: return (0, import_child_process.execSync)(cmd, { L6891: cwd,
High
Child Process

Package source references child process execution.

out/daemon.jsView on unpkg · L6889
5619const data = isString ? content : JSON.stringify(content, null, 2); L5620: fs.writeFileSync(filePath, data, "utf-8"); L5621: } catch { ... L6889: try { L6890: return (0, import_child_process.execSync)(cmd, { L6891: cwd, ... L14068: * L14069: * This can be used by clients to improve the LLM's understanding of available tools, resources, etc. It can be thought of like a "hint" to the model. For example, this information ... L14070: */ ... L28616: configure(cfg) { L28617: if (!cfg.supabaseUrl || !cfg.supabaseAnonKey || !cfg.workspaceId) { L28618: this.enabled = false;
High
Remote Agent Bridge

Source exposes local file and command tools to a remote model endpoint.

out/daemon.jsView on unpkg · L5619
241Cross-file remote execution chain: out/daemon.js spawns out/cli.js; helper contains network access plus dynamic code execution. L241: var path27 = require("path"); L242: var win32 = process.platform === "win32"; L243: var { ... L370: const eos = () => index >= length; L371: const peek = () => str.charCodeAt(index + 1); L372: const advance = () => { ... L803: type: pattern[0], L804: body: pattern.slice(2, i), L805: end: i ... L4286: } catch (error2) { L4287: if (process.env.CHOKIDAR_PRINT_FSEVENTS_REQUIRE_ERROR) L4288: console.error(error2);
High
Cross File Remote Execution Context

Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.

out/daemon.jsView on unpkg · L241
241var path27 = require("path"); L242: var win32 = process.platform === "win32"; L243: var { ... L370: const eos = () => index >= length; L371: const peek = () => str.charCodeAt(index + 1); L372: const advance = () => { ... L803: type: pattern[0], L804: body: pattern.slice(2, i), L805: end: i ... L4286: } catch (error2) { L4287: if (process.env.CHOKIDAR_PRINT_FSEVENTS_REQUIRE_ERROR) L4288: console.error(error2);
Medium
Install Persistence

Source writes installer persistence such as shell profile or service configuration.

out/daemon.jsView on unpkg · L241
34090site.name = fn.name; L34091: var deprecatedfn = new Function( L34092: "fn",
Low
Eval

Package source references a known benign dynamic code generation pattern.

out/daemon.jsView on unpkg · L34090
241var path27 = require("path"); L242: var win32 = process.platform === "win32"; L243: var { ... L370: const eos = () => index >= length; L371: const peek = () => str.charCodeAt(index + 1); L372: const advance = () => { ... L803: type: pattern[0], L804: body: pattern.slice(2, i), L805: end: i ... L4286: } catch (error2) { L4287: if (process.env.CHOKIDAR_PRINT_FSEVENTS_REQUIRE_ERROR) L4288: console.error(error2);
Low
Weak Crypto

Package source references weak cryptographic algorithms.

out/daemon.jsView on unpkg · L241

Findings

2 Critical6 High4 Medium7 Low
CriticalCritical Secretout/cli.js
CriticalSecret Patternout/cli.js
HighChild Processout/daemon.js
HighShellout/cli.js
HighHost Fingerprint Exfiltrationout/cli.js
HighSandbox Evasion Gated Capabilityout/cli.js
HighRemote Agent Bridgeout/daemon.js
HighCross File Remote Execution Contextout/daemon.js
MediumNetwork
MediumEnvironment Vars
MediumInstall Persistenceout/daemon.js
MediumStructural Risk Force Deep Review
LowScripts Present
LowEvalout/daemon.js
LowWeak Cryptoout/daemon.js
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings