Lines 1-42javascript
2var hi=Object.defineProperty;var O=(t,e)=>()=>(t&&(e=t(t=0)),e);var de=(t,e)=>{for(var r in e)hi(t,r,{get:e[r],enumerable:!0})};import Ne from"picocolors";function yt(t,e){let r=Math.max(t.length+4,...e.map(a=>Xt(a).length+4)),n=`${p("\u256D")}${p("\u2500".repeat(r))}${p("\u256E")}`,o=`${p("\u2570")}${p("\u2500".repeat(r))}${p("\u256F")}`,c=`${p("\u2502")} ${L} ${v(t)}${" ".repeat(r-Xt(t).length-4)}${p("\u2502")}`,s=`${p("\u251C")}${p("\u2500".repeat(r))}${p("\u2524")}`,l=e.map(a=>{let u=r-Xt(a).length-2;return`${p("\u2502")} ${a}${" ".repeat(Math.max(0,u))}${p("\u2502")}`});return[n,c,s,...l, ...
3`)}function Xt(t){return t.replace(/\x1b\[[0-9;]*m/g,"")}var se,yi,ae,vi,p,v,L,D,Qe,jr,ht,Or,Mr,Nr,Xe,R,U=O(()=>{"use strict";se=t=>Ne.red(t),yi=t=>Ne.yellow(t),ae=t=>Ne.green(t),vi=t=>Ne.red(t),p=t=>Ne.dim(t),v=t=>Ne.bold(t),L="\u{1F98E}",D=ae("\u2713"),Qe=vi("\u2716"),jr=yi("\u26A0"),ht="\u{12248}",Or=`
6 ${se(" / \u{1F525} \\")}
9 ${v(" g i b i l")} ${p(ht)}
10`,Mr=`${L} ${v("gibil")} ${p(ht)}`,Nr=["\u280B","\u2819","\u2839","\u2838","\u283C","\u2834","\u2826","\u2827","\u2807","\u280F"],Xe=class{timer=null;frame=0;text;constructor(e){this.text=e}start(){return process.stderr.isTTY?(this.timer=setInterval(()=>{let e=se(Nr[this.frame%Nr.length]);process.stderr.write(`\r ${e} ${this.text}`),this.frame++},80),this):(process.stderr.write(` ${this.text}
11`),this)}update(e){this.text=e,process.stderr.isTTY||process.stderr.write(` ${e}
12`)}succeed(e){this.stop(),process.stderr.write(`\r ${D} ${e??this.text}
13`)}fail(e){this.stop(),process.stderr.write(`\r ${Qe} ${e??this.text}
14`)}stop(){this.timer&&(clearInterval(this.timer),this.timer=null,process.stderr.isTTY&&process.stderr.write("\r\x1B[K"))}};R={welcome:`${L} Your first fire. Welcome to Gibil.`,noInstances:`${L} No fires burning. Gibil sleeps.`,destroyAll:`${L} All fires extinguished. Gibil moves on.`,destroySingle:t=>`${L} "${t}" \u2014 fire out.`,authSuccess:`${L} Logged in. The forge is yours.`,authLogout:`${L} Logged out. The forge cools.`,createReady:(t,e)=>`${L} "${t}" forged ${p(`(${e}s)`)}`,fleetReady:(t,e)=>`${L} Fleet forged \u2014 ${t}/${e} fires lit.`,ttlWarning:(t,e)=>`${L} ${t} \u2014 flame is low ...
15 Your Hetzner token may be invalid or expired. Run: gibil init --force`:t===409&&e.includes("name")?`
16 A server with this name already exists. Try a different --name or run: gibil destroy <name>`:t===422&&(e.includes("location")||e.includes("server_type"))?`
17 This server type may not be available in your region. Run: gibil init --force`:t===429?`
18 Rate limited by Hetzner. Wait a moment and retry your command.`:""}function cr(t){return{id:t.id,name:t.name,status:t.status,ipv4:t.public_net.ipv4.ip,ipv6:t.public_net.ipv6.ip,serverType:t.server_type?.name??"unknown",location:t.datacenter?.location?.name??"unknown",labels:t.labels,created:t.created}}function Oi(t){return{id:t.id,name:t.name,fingerprint:t.fingerprint??""}}var Ri,lr,Fr=O(()=>{"use strict";I();et();er();fe();Ri="https://api.hetzner.cloud/v1";lr=class t{http;constructor(e){this.http=new je({baseUrl:Ri,token:e,providerName:"Hetzner",parseError:Ni,hint:ji})}static async create(e ...
20No ${t.label} account? Get ${t.credit} free credits \u2192 ${t.ref_url}
21${t.disclosure}`:""}function ur(t,e){if(e)return null;let r=Pt(t);return r?`New here? ${r.credit} free credits \u2192 ${r.ref_url}`:null}var Gr,kt=O(()=>{"use strict";Gr
22 Your Vultr API key may be invalid. Re-run: gibil init --provider vultr --token <new-key>`:t===429?`
23 Rate limited by Vultr. Wait a moment and retry.`:""}function dr(t){let e=t.status;t.status==="active"&&t.power_status==="running"?e="running":t.status==="pending"&&(e="initializing");let r={};for(let n of t.tags??[])r[n]="true";return{id:t.id,name:t.label,status:e,ipv4:t.main_ip,ipv6:t.v6_main_ip,serverType:t.plan,location:t.region,labels:r,created:t.date_created}}
24`}function no(t){return t.toString("base64")}function Ct(t){return Buffer.from(t,"base64")}function io(t,e){if(t.length!==e.length)return!1;let r=Buffer.from(t,"utf8"),n=Buffer.from(e,"utf8");return r.length!==n.length?!1:to(r,n)}function yr(t,e){let r=no(e),n=hr(e);return t?io(t,r)?{outcome:"verified",fingerprint:n,presentedBase64:r}:{outcome:"mismatch",fingerprint:n,presentedBase64:r}:{outcome:"pinned",fingerprint:n,presentedBase64:r}}async function tn(t,e,r){let n=await t.load(e);if(!n)throw new Error(`Instance "${e}" not found \u2014 cannot persist host key.`);await t.save({...n,hostPublic ...
HighSame File Env Network Execution
A single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/cli/index.jsView on unpkg · L13 HighCommand Output Exfiltration
Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.
dist/cli/index.jsView on unpkg · L9 HighChild Process
Package source references child process execution.
dist/cli/index.jsView on unpkg · L22 26 Presented: ${u.fingerprint}
27This usually means a man-in-the-middle attempt, or the instance was rebuilt outside gibil. If the rebuild was expected, run: gibil destroy ${e} && gibil create --name ${e} ...`))}let w="";x.code==="ECONNREFUSED"?w=" (instance may have been destroyed or is still booting)":x.code==="EHOSTUNREACH"?w=" (IP unreachable \u2014 instance may not be running)":x.code==="ETIMEDOUT"&&(w=" (connection timed out \u2014 check if instance is running with 'gibil list')"),f(new Error(`SSH connection to ${r} failed: ${
28`)}function Nt(t){return vr(t).split(`
CriticalCredential Exfiltration
Source appears to send environment or credential material to an external endpoint.
dist/cli/index.jsView on unpkg · L9 CriticalTrigger Reachable Dangerous Capability
A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
dist/cli/index.jsView on unpkg · L9 MediumInstall Persistence
Source writes installer persistence such as shell profile or service configuration.
dist/cli/index.jsView on unpkg · L9 29`).join(" ; ")}function Pe(t){let{repo:e,config:r,ttlMinutes:n,githubToken:o,gitIdentity:c}=t,s=["#!/bin/bash","set -euo pipefail","","# \u2500\u2500 Gibil cloud-init \u2500\u2500","export HOME=/root","export DEBIAN_FRONTEND=noninteractive"];o&&s.push(`export GITHUB_TOKEN=${q(o)}`),s.push("","# Base packages","apt-get update -qq","apt-get install -y -qq git curl wget build-essential unzip at > /dev/null 2>&1","systemctl enable --now atd > /dev/null 2>&1 || true","","# Install GitHub CLI","if ! type gh > /dev/null 2>&1; then"," curl -fsSL https://cli.github.com/packages/githubcli-archive-keyri ...
30`)}function oo(t){let e=[];if(t.startsWith("node:")){let r=t.split(":")[1]??"22";e.push("# Install Node.js"),e.push(`curl -fsSL https://deb.nodesource.com/setup_${r}.x | bash - > /dev/null 2>&1`),e.push("apt-get install -y -qq nodejs > /dev/null 2>&1"),e.push("npm install -g pnpm@10 > /dev/null 2>&1"),e.
31`),y=Buffer.from(h).toString("base64"),_=`mkdir -p ${u} && echo '${y}' | base64 -d > ${g} && chmod +x ${g} && bash ${g}`,x;try{x=await k({instanceName:e,ip:o.ip,command:_,timeoutMs:1e4})}catch(C){throw Ae(C)&&await Q(o)==="cleaned"&&process.exit(1),C}let w=parseInt(x.stdout.trim(),10);isNaN(w)&&(i.error("Failed to start background job \u2014 could not capture PID"),process.exit(1)),await X({id:a,instance:e,command:c,pid:w,status:"running",startedAt:new Date().toISOString()}),n.json?i.json({job_id:a,instance:e,status:"running",pid:w}):(i.info(`Background job started: ${a} (PID ${w})`),i.info(` ...
32${R.destroyAll}`):i.info(`
33${s.length} destroyed, ${l.length} failed`)}else{e||(i.error('Specify an instance name or use --all. Run "gibil list" to see instances.'),process.exit(1));let n=await Ln(e);r.json&&i.json({destroyed:[e],receipts:n?[n]:[]})}})}M();I();U();function zn(t){t.command("list").alias("ls").description("List all active gibil instances").option("--json","Output as JSON").action(async e=>{e.json&&T(!0);let r=await ne();if(r.length===0){e.json?i.json({instances:[]}):i.info(R.noInstances);return}let n=r.map(o=>{let c=Math.max(0,Math.floor((new Date(o.expiresAt).getTime()-Date.now())/1e3)),s=ie(o);return{na ...
34${p(`${n.length} server(s)`)}`)})}function ns(t,e){if(t==null)return"-";let r=t>0&&t<.01?"<$0.01":`$${t.toFixed(2)}`;return e==
36Suggestion: ${r}`),n}function dt(t){let e=t instanceof Error?t.message:String(t);return/no active server|not found|no servers|does not exist/i.test(e)?"instance_not_found":/timeout|timed out|ETIMEDOUT/i.test(e)?"timeout":/ECONNREFUSED|EHOSTUNREACH|SSH connection|ssh2|handshake/i.test(e)?"ssh_connection":/hetzner|api|token|401|403|409|422|429|quota/i.test(e)?"provider_error":/invalid|must be|validation/i.test(e)?"validation":"provider_error"}var Vt="key::";function gs(){try{let t=Jt("git config user.name",{encoding:"utf-8"}).trim(),e=Jt("git config user.email",{encoding:"utf-8"}).trim();if(!t|| ...
37${(await k({instanceName:P,ip:$e,command:"tail -20 /var/log/cloud-init-output.log 2>/dev/null || echo 'no log'",timeoutMs:1e4})).stdout}`}catch{}}}let gt;if(u){let oe=u.replace(/'/g,"'\\''");try{if((await k({instanceName:P,ip:$e,command:"cd /root/project && git rev-parse --abbrev-ref HEAD",timeoutMs
38`),P=Buffer.from(C).toString("base64"),b=`mkdir -p ${h} && echo '${P}' | base64 -d > ${w} && chmod +x ${w} && bash ${w}`,E=await Re(a,b,1e4),G=parseInt(E.stdout.trim(),10);return isNaN(G)?{content:[{type:"text",text:N("command_failed","Failed to start background job \u2014 could not capture PID","Check that the server is accessible and the command is valid")}],isError:!0}:(await X({id:g,instance:a.name,command:l.command,pid:G,status:"running",startedAt:new Date().toISOString()}),{content:[{type:"text",text:JSON.stringify({job_id:g,instance:a.name,status:"running",pid:G,hint:"Poll with vm_job_s ...
39`)||"(no output)"}],isError:f.exitCode!==0}}),n.tool("vm_job_status","Check the status of a background job started with vm_bash(background=true). Returns status, exit code, and output when done.",{job_id:$.string().describe("Job ID returned by vm_bash with background=true")},async l=>{try{let a=await ve(l.job_id),u=await Tr(l.job_id);return{content:[{type:"text",text:JSON.stringify({job_id:l.job_id,instance:a.instance,command:a.command,status:u.status,exit_code:u.exitCode,started_at:a.startedAt,duration_s:u.durationS,
40`))if(e.startsWith("ip=")){let r=e.slice(3).trim();return r.length>0?r:null}return null}var bs="https://console.vultr.com/user/apiaccess/",ws="https://whatismyip.com";function ni(t){let e=t.program?.console_url??bs;if(t.hasAccount)return[{heading:"Vultr API Key",body:["Get your personal access token from the API access page."],link:e,gate:!1}];let r=[];return t.program&&r.push({heading:"New to Vultr?",body:[`Sign up with this link to get ${t.program.credit} in free credits \u2014 enough for weeks of Gibil usage on small VMs.`],link:t.program.ref_url,disclosure:t.program.disclosure,gate:!0}),r. ...
42 Most likely cause: your IP isn't whitelisted under "Access Control".
Long lines were clipped for display.