github-router@0.3.136

A reverse proxy that exposes GitHub Copilot as OpenAI and Anthropic compatible API endpoints.

Static Scan Results

scanned 4d ago · by rust-scanner

Static analysis flagged 13 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot

Behavioral surface
Source: Child Process, Crypto, Dynamic Require, Environment Vars, Filesystem, Network, Shell, WebSocket
Supply chain: High Entropy Strings, Url Strings
Manifest: No manifest risk signals triggered.
scanned 15 file(s), 1.43 MB of source, external domains: 127.0.0.1, animeshkundu.github.io, api.github.com, api.githubcopilot.com, aur.archlinux.org, docs.claude.com, github.com, huggingface.co, marketplace.visualstudio.com

Source & flagged code

5 flagged

dist/lifecycle-Cqe8OQVX.js
L5: import process from "node:process";
L6: import { spawn, spawnSync } from "node:child_process";
L7: import { existsSync } from "node:fs";
High · Child Process

Package source references child process execution.

dist/lifecycle-Cqe8OQVX.js · L5
L33:  * and skip (best-effort). Spawning the returned absolute path means
L34:  * `cmd.exe`'s implicit cwd-first lookup never applies, closing the
L35:  * planted-`npm.cmd` vector.
High · Shell

Package source references shell execution.

dist/lifecycle-Cqe8OQVX.js · L33
dist/peer-mcp-personas-Dmx4S0_5.js
L12: import process$1 from "node:process";
L13: import { execFile, execFileSync, spawn, spawnSync } from "node:child_process";
L14: import { chmodSync, closeSync, cpSync, existsSync, mkdirSync, openSync, promises, readFileSync, readdirSync, realpathSync, renameSync, rmSync, statSync, unlinkSync, writeFileSync, ...
...
L61: const API_VERSION = "2026-01-09";
L62: const copilotBaseUrl = (state$1) => state$1.copilotApiUrl ?? "https://api.githubcopilot.com";
L63: const copilotHeaders = (state$1, vision = false, integrationId = "vscode-chat") => { ...
L889: for (const path$1 of candidates) try {
L890: const raw = readFileSync(path$1, "utf8");
L891: const parsed = JSON.parse(raw);
...
L21279:
L21280: Available tools/roles to assign per node: ${toolCatalog}`;
L21281: const CRITIQUE_INSTRUCTIONS = "You are a cross-lab reviewer of a workflow IR (JSON). List concrete concerns that would weaken the result — missing verification, a mis-scoped node, ...
High · Remote Agent Bridge

Source exposes local file and command tools to a remote model endpoint.

dist/peer-mcp-personas-Dmx4S0_5.js · L12
Cross-file remote execution chain: dist/peer-mcp-personas-Dmx4S0_5.js spawns dist/browser-bridge/index.js; helper contains network access plus dynamic code execution.
L1: import { t as PATHS } from "./paths-Cn5OzmYL.js";
L2: import { d as runCommandCapture, l as parseBoolEnv, n as isPidAlive, o as trackChild, p as runManagedExeCapture, r as registerColbertExitHandlers, t as getColbertInstanceUuid, u as...
L3: import { i as registerExitHandlers, n as getInstanceUuid, r as recordWorkerRepo, t as WorktreeRegistry } from "./lifecycle-CeVDX6av.js";
...
L15: import { fileURLToPath } from "node:url";
L16: import { Agent } from "undici";
L17: import { performance } from "node:perf_hooks";
...
L20: import { Worker } from "node:worker_threads";
L21: import { gunzipSync, inflateRawSync } from "node:zlib";
L22: import WebSocket from "ws";
...
L82: };
L83: const GITHUB_API_BASE_URL = process.env.GITHUB_API_URL ?? "https://api.github.com";
L84: const githubHeaders = (state$1) => ({
High · Cross File Remote Execution Context

Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.

dist/peer-mcp-personas-Dmx4S0_5.js · L1
L32: //#region rolldown:runtime
L33: var __require = /* @__PURE__ */ createRequire(import.meta.url);
L34:
Medium · Dynamic Require

Package source references dynamic require/import behavior.

dist/peer-mcp-personas-Dmx4S0_5.js · L32

Findings

4 High · 4 Medium · 5 Low

High · Child Process · dist/lifecycle-Cqe8OQVX.js
High · Shell · dist/lifecycle-Cqe8OQVX.js
High · Remote Agent Bridge · dist/peer-mcp-personas-Dmx4S0_5.js
High · Cross File Remote Execution Context · dist/peer-mcp-personas-Dmx4S0_5.js
Medium · Dynamic Require · dist/peer-mcp-personas-Dmx4S0_5.js
Medium · Network
Medium · Environment Vars
Medium · Structural Risk Force Deep Review
Low · Non Install Lifecycle Scripts
Low · Scripts Present
Low · Filesystem
Low · High Entropy Strings
Low · Url Strings