
gm-plugkit@2.0.1707

⚠ Under review

Bootstrap and daemon-spawn tool for gm plugkit binary. Downloads the correct platform binary, verifies SHA256, and starts the spool watcher daemon. Includes plugkit-wasm-wrapper for WASM-based spool watching.

Static Scan Results

scanned 1d ago · by rust-scanner

Static analysis flagged 16 finding(s) at 86.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
High-risk behavior combination matched malicious policy.

Decision evidence (public snapshot)

Behavioral surface
Source: Child Process, Crypto, Dynamic Require, Environment Vars, Eval, Filesystem, Network, Shell
Supply chain: High Entropy Strings, Url Strings
Manifest: No manifest risk signals triggered.

scanned 6 file(s), 263 KB of source, external domains: 127.0.0.1, github.com, registry.npmjs.org

Source & flagged code

10 flagged
supervisor.js

    L7: const crypto = require('crypto');
    L8: const { spawn, spawnSync } = require('child_process');
    L9:

High · Child Process

Package source references child process execution.

supervisor.js · L7
Cross-file remote execution chain: supervisor.js spawns plugkit-wasm-wrapper.js; the helper contains network access plus dynamic code execution.

    L7: const crypto = require('crypto');
    L8: const { spawn, spawnSync } = require('child_process');
    L9:
    ...
    L11: try {
    L12: const primary = path.join(os.homedir(), '.gm-tools', 'plugkit-wasm-wrapper.js');
    L13: const fallback = path.join(os.homedir(), '.claude', 'gm-tools', 'plugkit-wasm-wrapper.js');
    ...
    L18:
    L19: const projectDir = process.env.CLAUDE_PROJECT_DIR || process.cwd();
    L20: const spoolDir = path.join(projectDir, '.gm', 'exec-spool');
    ...
    L85: let supTs = 0;
    L86: try { supTs = (JSON.parse(fs.readFileSync(SUPERVISOR_PATH, 'utf-8')).ts) || 0; } catch (_) {}
    L87: const spool = readStatus();

High · Cross File Remote Execution Context

Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.

supervisor.js · L7
plugkit-wasm-wrapper.js

    L1027: function isPortAliveSync(port) {
    L1028: const r = spawnSync(process.execPath, ['-e', `
    L1029: const net = require('net');
    L1030: const s = net.connect({ port: ${port}, host: '127.0.0.1' });
    ...
    L1042: function playwriterHomeFor(cwd, claudeSessionId) {
    L1043: if (process.env.PLAYWRITER_HOME) return process.env.PLAYWRITER_HOME;
    L1044: if (!cwd) return path.join(GM_TOOLS_ROOT, `pw-sock-${sessionProfileSlug(claudeSessionId)}`);

Critical · Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution with blocking evidence.

plugkit-wasm-wrapper.js · L1027
Trigger-reachable chain: manifest.bin -> plugkit-wasm-wrapper.js

    L1004: function isPortReachableSync(host, port, timeoutMs) {
    L1005: const r = spawnSync(process.execPath, ['-e', `
    L1006: const net = require('net');
    L1007: const s = net.connect({ port: ${port}, host: ${JSON.stringify(host)} });
    ...
    L1019: const srv = net.createServer();
    L1020: srv.listen(0, '127.0.0.1', () => { const p = srv.address().port; srv.close(() => { process.stdout.write(String(p)); }); });
    L1021: srv.on('error', e => { process.stderr.write(e.message); process.exit(1); });

Critical · Trigger Reachable Dangerous Capability

A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.

plugkit-wasm-wrapper.js · L1004
    L715: function findBrowserRunner() {
    L716: const npmR = spawnSync('npm', ['root', '-g'], { encoding: 'utf-8', shell: true });
    L717: if (npmR.status === 0 && npm[redacted]()) {

High · Shell

Package source references shell execution.

plugkit-wasm-wrapper.js · L715
    L707: if (!_aggregateCpuProfileFn) {
    L708: _aggregateCpuProfileFn = new Function(AGGREGATE_CPU_PROFILE_SRC + '\nreturn aggregateCpuProfile;')();
    L709: }

High · Eval

Package source references dynamic code evaluation.

plugkit-wasm-wrapper.js · L707
    L1004: function isPortReachableSync(host, port, timeoutMs) {
    L1005: const r = spawnSync(process.execPath, ['-e', `
    L1006: const net = require('net');
    L1007: const s = net.connect({ port: ${port}, host: ${JSON.stringify(host)} });
    ...
    L1019: const srv = net.createServer();
    L1020: srv.listen(0, '127.0.0.1', () => { const p = srv.address().port; srv.close(() => { process.stdout.write(String(p)); }); });
    L1021: srv.on('error', e => { process.stderr.write(e.message); process.exit(1); });

High · Command Output Exfiltration

Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.

plugkit-wasm-wrapper.js · L1004
    L1259: logEvent('plugkit', 'browser.chromium-installing', {});
    L1260: spawnSync(process.platform === 'win32' ? 'npx.cmd' : 'npx', ['--yes', 'playwright', 'install', 'chromium'], {
    L1261: encoding: 'utf-8',

High · Runtime Package Install

Package source invokes a package manager install command at runtime.

plugkit-wasm-wrapper.js · L1259
    L4: import crypto from 'crypto';
    L5: import https from 'https';
    L6: import http from 'http';
    L7: import { watch } from 'fs';
    L8: import * as _childProcess from 'child_process';
    L9: import { spawn as _rawSpawn, spawnSync as _rawSpawnSync } from 'child_process';
    ...
    L27: const __filename = fileURLToPath(import.meta.url);
    L28: const __dirname = path.dirname(__filename);
    L29:
    ...
    L40:
    L41: const GM_LOG_ROOT = process.env.GM_LOG_DIR || path.join(os.homedir(), '.claude', 'gm-log');
    L42: const ORCHESTRATOR_VERBS = new Set(['instruction', 'transition', 'phase-status', 'prd-add', 'prd-resolve', 'prd-list', 'mutable-add', 'mutable-resolve', 'mutable-list', 'memorize-f...

Low · Weak Crypto

Package source references weak cryptographic algorithms.

plugkit-wasm-wrapper.js · L4
lang-host-runner.js

    L2: 'use strict';
    L3: const fs = require('fs');
    L4: const path = require('path');

Medium · Dynamic Require

Package source references dynamic require/import behavior.

lang-host-runner.js · L2

Findings

2 Critical · 6 High · 4 Medium · 4 Low

Critical · Same File Env Network Execution · plugkit-wasm-wrapper.js
Critical · Trigger Reachable Dangerous Capability · plugkit-wasm-wrapper.js
High · Child Process · supervisor.js
High · Shell · plugkit-wasm-wrapper.js
High · Eval · plugkit-wasm-wrapper.js
High · Command Output Exfiltration · plugkit-wasm-wrapper.js
High · Cross File Remote Execution Context · supervisor.js
High · Runtime Package Install · plugkit-wasm-wrapper.js
Medium · Dynamic Require · lang-host-runner.js
Medium · Network
Medium · Environment Vars
Medium · Structural Risk Force Deep Review
Low · Weak Crypto · plugkit-wasm-wrapper.js
Low · Filesystem
Low · High Entropy Strings
Low · Url Strings