390${kc(n)}`,rules:u,outputFormat:i,qualityBand:o?Kf(c):0,...o&&{persona:Nc}};return o&&r&&r.length>0&&(d={...d,findings:r}),s&&s.length>0&&(d={...d,repoContext:s}),d};var p4=new Set(...
L391: `),r=[],s=[];for(let a of e){if(a.startsWith("+++ ")){let c=a.slice(4).trim(),l=c.startsWith("b/")?c.slice(2):c==="/dev/null"?null:c;l&&l.length>0&&r.push(l);continue}a.startsWith(...
L392:
...
L400: ${e.join(`
L401: `)}`}var kT={$schema:"../../../packages/socket/schemas/plug-manifest.v1.json",schemaVersion:"1.0.0",id:"rules-baseline-pack",name:"Baseline Rule Pack (lexical security patterns)",o...
L402: `?(r++,s=0):s++;return{line:r,column:s}},U4={javascript:"JavaScript",typescript:"TypeScript",tsx:"TsxAst",python:"Python",rust:"Rust",go:"Go",ruby:"Ruby",java:"Java",c:"C",cpp:"Cpp...
L403: `);imp
CriticalSame File Env Network Execution
A single source file combines environment access, network access, and code or shell execution with blocking evidence.
dist/gitgecko.jsView on unpkg · L390 130)
L131: `)}close(){this.#s.close()}get(e){Zh(e);let r=this.#g(e);return r?{body:r.body?Buffer.from(r.body.buffer,r.body.byteOffset,r.body.byteLength):void 0,statusCode:r.statusCode,statusM...
L132: ${i}`;return}if(wc(e,n,yW)){wW(e,o)&&(r.retry=e.toString("utf8",o));return}if(wc(e,n,mW)){SW(e,o)&&(r.id=e.toString("utf8",o));return}if(wc(e,n,BW)){let i=e.toString("utf8",o);i.le...
...
L134: `);t.stack=r?`${r}
L135: ${o}`:n.stack}R.exports.fetch=function(e,r=void 0){return nK(e,r).catch(s=>{throw Ob?Pb(s,Ob):s&&typeof s=="object"&&Error.captureStackTrace(s,R.exports.fetch),s})};R.exports.Heade...
L136: `)}};xi.defaultYaml={explicit:!1,version:"1.2"};xi.defaultTags={"!!":"tag:yaml.org,2002:"};HN.Directives=xi});var Lc=Q(Oi=>{"use strict";var YN=W(),Pj=Li();function qj(t){if(/[\x00...
CriticalBuiltin Api Tampering Exfiltration
Source mutates builtin networking, serialization, module-loading, or filesystem APIs while forwarding data to an external endpoint.
dist/gitgecko.jsView on unpkg · L130 390Trigger-reachable chain: manifest.main -> dist/gitgecko.js
L390: ${kc(n)}`,rules:u,outputFormat:i,qualityBand:o?Kf(c):0,...o&&{persona:Nc}};return o&&r&&r.length>0&&(d={...d,findings:r}),s&&s.length>0&&(d={...d,repoContext:s}),d};var p4=new Set(...
L391: `),r=[],s=[];for(let a of e){if(a.startsWith("+++ ")){let c=a.slice(4).trim(),l=c.startsWith("b/")?c.slice(2):c==="/dev/null"?null:c;l&&l.length>0&&r.push(l);continue}a.startsWith(...
L392:
...
L400: ${e.join(`
L401: `)}`}var kT={$schema:"../../../packages/socket/schemas/plug-manifest.v1.json",schemaVersion:"1.0.0",id:"rules-baseline-pack",name:"Baseline Rule Pack (lexical security patterns)",o...
L402: `?(r++,s=0):s++;return{line:r,column:s}},U4={javascript:"JavaScript",typescript:"TypeScript",tsx:"TsxAst",python:"Python",rust:"Rust",go:
CriticalTrigger Reachable Dangerous Capability
A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
dist/gitgecko.jsView on unpkg · L390 402`?(r++,s=0):s++;return{line:r,column:s}},U4={javascript:"JavaScript",typescript:"TypeScript",tsx:"TsxAst",python:"Python",rust:"Rust",go:"Go",ruby:"Ruby",java:"Java",c:"C",cpp:"Cpp...
L403: `);import{execFileSync as x4,spawnSync as O4}from"node:child_process";import{existsSync as H4}from"node:fs";import{extname as vl}from"node:path";var Ut=class extends Error{result;c...
L404: `)};import{readFileSync as wz,writeFileSync as iv,mkdirSync as Av,existsSync as av,rmSync as Sz}from"node:fs";import{join as ip}from"node:path";import{homedir as Dz,hostname as bz}...
400${e.join(`
L401: `)}`}var kT={$schema:"../../../packages/socket/schemas/plug-manifest.v1.json",schemaVersion:"1.0.0",id:"rules-baseline-pack",name:"Baseline Rule Pack (lexical security patterns)",o...
L402: `?(r++,s=0):s++;return{line:r,column:s}},U4={javascript:"JavaScript",typescript:"TypeScript",tsx:"TsxAst",python:"Python",rust:"Rust",go:"Go",ruby:"Ruby",java:"Java",c:"C",cpp:"Cpp...
390${kc(n)}`,rules:u,outputFormat:i,qualityBand:o?Kf(c):0,...o&&{persona:Nc}};return o&&r&&r.length>0&&(d={...d,findings:r}),s&&s.length>0&&(d={...d,repoContext:s}),d};var p4=new Set(...
L391: `),r=[],s=[];for(let a of e){if(a.startsWith("+++ ")){let c=a.slice(4).trim(),l=c.startsWith("b/")?c.slice(2):c==="/dev/null"?null:c;l&&l.length>0&&r.push(l);continue}a.startsWith(...
L392:
...
L400: ${e.join(`
L401: `)}`}var kT={$schema:"../../../packages/socket/schemas/plug-manifest.v1.json",schemaVersion:"1.0.0",id:"rules-baseline-pack",name:"Baseline Rule Pack (lexical security patterns)",o...
L402: `?(r++,s=0):s++;return{line:r,column:s}},U4={javascript:"JavaScript",typescript:"TypeScript",tsx:"TsxAst",python:"Python",rust:"Rust",go:"Go",ruby:"Ruby",java:"Java",c:"C",cpp:"Cpp...
L403: `);imp
HighCommand Output Exfiltration
Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.
dist/gitgecko.jsView on unpkg · L390