
gossipcat@0.6.9

⚠ Under review

Multi-agent orchestration for Claude Code — parallel review, consensus, adaptive dispatch

Static Scan Results

scanned 3h ago · by rust-scanner

Static analysis flagged 16 finding(s) at 86.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
High-risk behavior combination matched malicious policy.

Decision evidence

public snapshot
Behavioral surface
Source: ChildProcess, EnvironmentVars, Eval, Filesystem, Network, Shell, WebSocket
Supply chain: HighEntropyStrings, Minified, UrlStrings
Manifest: No manifest risk signals triggered.
scanned 2 file(s), 819 KB of source, external domains: github.com, raw.githubusercontent.com, react.dev, www.w3.org
Oversized source lightweight scan
dist-mcp/mcp-server.js: 3.16 MB file, sampled 256 KB
Filesystem, ChildProcess, EnvironmentVars, Eval, HighEntropyStrings, UrlStrings, raw.githubusercontent.com

Source & flagged code

7 flagged
package.json
scripts.postinstall = node scripts/postinstall.js
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.json
scripts.postinstall = node scripts/postinstall.js
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.json
scripts/postinstall.js
Install-time AI-agent control hijack evidence:
  L2: /**
  L3:  * Generates .mcp.json with the correct absolute path to mcp-server.js
  L4:  * for the current install method (global npm, local project dep, git clone).
  ...
  L8: const { join, resolve } = require('path');
  L9: const { existsSync, readFileSync, writeFileSync, statSync } = require('fs');
  L10: ...
  L21:
  L22: // For git clones: skip writing if .mcp.json already exists. Still warn if the
  L23: // built server is older than package.json — stale-build warning is the most
  ...
  L29: // build-recovery path at the end of this script instead.
  L30: if (isGitClone && existsSync(join(packageRoot, '.mcp.json')) && existsSync(mcpServerPath)) {
  L31:   try {
Payload evidence from dist-mcp/default-rules/gossipcat-rules.md:
  L1: # Gossipcat — Multi-Agent Orchestration
  L2:
Critical
Ai Agent Control Hijack

Install-time source drops package-supplied AI-agent/MCP control files or instructions.

scripts/postinstall.js · L1
assets/hooks/discipline/pretool-signals-validate.sh
path = assets/hooks/discipline/pretool-signals-validate.sh kind = build_helper sizeBytes = 1857 magicHex = [redacted]
Medium
Ships Build Helper

Package ships non-JavaScript build or shell helper files.

assets/hooks/discipline/pretool-signals-validate.sh
dist-dashboard/assets/Geist-Variable-jflMhO5d.woff2
path = dist-dashboard/assets/Geist-Variable-jflMhO5d.woff2 kind = high_entropy_blob sizeBytes = 69740 magicHex = [redacted]
High
Ships High Entropy Blob

Package ships high-entropy non-source blobs.

dist-dashboard/assets/Geist-Variable-jflMhO5d.woff2
dist-mcp/mcp-server.js
path = dist-mcp/mcp-server.js kind = oversized_source_file sizeBytes = 3310423 magicHex = [redacted]
High
Oversized Source File

Package contains source files above the static scanner size ceiling.

dist-mcp/mcp-server.js
path = dist-mcp/mcp-server.js kind = oversized_cli_entrypoint sizeBytes = 3310423 magicHex = [redacted]
Medium
Oversized Cli Entrypoint

Package contains an oversized executable-looking CLI entrypoint.

dist-mcp/mcp-server.js

Findings

1 Critical, 3 High, 6 Medium, 6 Low
Critical · Ai Agent Control Hijack · scripts/postinstall.js
High · Install Time Lifecycle Scripts · package.json
High · Ships High Entropy Blob · dist-dashboard/assets/Geist-Variable-jflMhO5d.woff2
High · Oversized Source File · dist-mcp/mcp-server.js
Medium · Ambiguous Install Lifecycle Script · package.json
Medium · Network
Medium · Environment Vars
Medium · Ships Build Helper · assets/hooks/discipline/pretool-signals-validate.sh
Medium · Oversized Cli Entrypoint · dist-mcp/mcp-server.js
Medium · Structural Risk Force Deep Review
Low · Non Install Lifecycle Scripts
Low · Scripts Present
Low · Eval
Low · Filesystem
Low · High Entropy Strings
Low · Url Strings