registry  /  harnessed  /  4.14.0

harnessed@4.14.0

AI coding harness package manager + composition orchestrator

Static Scan Results

scanned 9d ago · by rust-scanner

Static analysis completed at 65.0% confidence. No malicious behavior was detected; 7 low-signal pattern(s) were surfaced and cleared.

Static reason
No blocking static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystemNetworkShell
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 4 file(s), 395 KB of source, external domains: github.com, harnessed.dev

Source & flagged code

1 flagged · loading source
dist/cli.mjsView file
11import * as ajvFormatsNs from 'ajv-formats'; L12: import { execFileSync, spawnSync, spawn, exec, execSync, execFile } from 'child_process'; L13: import { fileURLToPath } from 'url'; ... L21: import { Command } from 'commander'; L22: import { stdout, stdin } from 'process'; L23: import * as readline from 'readline/promises'; ... L34: L35: // package.json L36: var package_default; ... L47: type: "git", L48: url: "https://github.com/easyinplay/harnessed.git" L49: },
Low
Weak Crypto

Package source references weak cryptographic algorithms.

dist/cli.mjsView on unpkg · L11

Findings

2 Medium5 Low
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowWeak Cryptodist/cli.mjs
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings