registry  /  icoa-cli  /  2.19.362

icoa-cli@2.19.362

⚠ Under review

ICOA CLI — The world's first CLI-native cyber & AI security olympiad terminal: AI4CTF (Day 1), CTF4AI (Day 2), VLA4CTF (Pioneer Round — embodied AI)

Static Scan Results

scanned 3h ago · by rust-scanner

Static analysis flagged 20 finding(s) at 93.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
High-risk behavior combination matched malicious policy.; previous stored version diff introduced dangerous source

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessDynamicRequireEnvironmentVarsNetwork
Supply chain
HighEntropyStringsMinifiedObfuscatedUrlStrings
ManifestNo manifest risk signals triggered.
scanned 89 file(s), 633 KB of source, external domains: aistudio.google.com, api.github.com, au.icoa2026.au, bootstrap.pypa.io, brew.sh, cdn.jsdelivr.net, deb.nodesource.com, github.com, icoa2026.au, nodejs.org, practice.icoa2026.au, python.org, raw.githubusercontent.com, registry.npmjs.org, www.docker.com, www.python.org

Source & flagged code

12 flagged · loading source
package.jsonView file
scripts.postinstall = node -e "try{require('./dist/postinstall.js')}catch(e){}"
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.postinstall = node -e "try{require('./dist/postinstall.js')}catch(e){}"
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg
dist/repl.jsView file
1import{createInterface as o}from"node:readline";import{spawn as e,execSync as t}from"node:child_process";import chalk from"chalk";import{isConnected as l,getConfig as n,saveConfig ...
High
Child Process

Package source references child process execution.

dist/repl.jsView on unpkg · L1
1import{createInterface as o}from"node:readline";import{spawn as e,execSync as t}from"node:child_process";import chalk from"chalk";import{isConnected as l,getConfig as n,saveConfig ...
High
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution; review context before blocking.

dist/repl.jsView on unpkg · L1
1import{createInterface as o}from"node:readline";import{spawn as e,execSync as t}from"node:child_process";import chalk from"chalk";import{isConnected as l,getConfig as n,saveConfig ...
High
Command Output Exfiltration

Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.

dist/repl.jsView on unpkg · L1
dist/commands/ctf4ai-demo.jsView file
1(function(b,f){const U=a0f,h=b();while(!![]){try{const j=-parseInt(U(0x2b0))/(-0x86d*-0x2+0x153b+-0x2614)*(-parseInt(U(0x212))/(0x436+-0x1*-0x2149+-0x1*0x257d))+parseInt(U(0x213))/...
High
Obfuscated Payload Loader

Source contains an obfuscator-style string-array loader that reconstructs and executes hidden code.

dist/commands/ctf4ai-demo.jsView on unpkg · L1
1(function(b,f){const U=a0f,h=b();while(!![]){try{const j=-parseInt(U(0x2b0))/(-0x86d*-0x2+0x153b+-0x2614)*(-parseInt(U(0x212))/(0x436+-0x1*-0x2149+-0x1*0x257d))+parseInt(U(0x213))/...
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/commands/ctf4ai-demo.jsView on unpkg · L1
dist/commands/env.jsView file
1import chalk from"chalk";import{execSync as e}from"node:child_process";import{appendFileSync as o,existsSync as n,mkdirSync as t,readFileSync as r}from"node:fs";import{homedir as a...
Medium
Install Persistence

Source writes installer persistence such as shell profile or service configuration.

dist/commands/env.jsView on unpkg · L1
dist/lib/tool-man.jsView file
1import chalk from"chalk";export const TOOL_DOCS=[{name:"file",cat:"Forensics",summary:"identify a file type (always step 1)",ex:[["file mystery","what is this really? (extension li...
Critical
Reverse Shell

Source matches reverse-shell style process and socket wiring.

dist/lib/tool-man.jsView on unpkg · L1
1Trigger-reachable chain: manifest.bin -> dist/index.js -> dist/repl.js -> dist/lib/tool-man.js L1: import chalk from"chalk";export const TOOL_DOCS=[{name:"file",cat:"Forensics",summary:"identify a file type (always step 1)",ex:[["file mystery","what is this really? (extension li...
Critical
Trigger Reachable Dangerous Capability

A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.

dist/lib/tool-man.jsView on unpkg · L1
dist/commands/demo2.jsView file
1import chalk from"chalk";import{spawn as o}from"node:child_process";import{writeFileSync as e}from"node:fs";import{join as n}from"node:path";import{createInterface as t}from"node:r...
High
Sandbox Evasion Gated Capability

Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.

dist/commands/demo2.jsView on unpkg · L1
dist/commands/ctf4vla.jsView file
matchType = previous_version_dangerous_delta matchedPackage = icoa-cli@2.19.353 matchedIdentity = npm:aWNvYS1jbGk:2.19.353 similarity = 0.867 summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

dist/commands/ctf4vla.jsView on unpkg

Findings

3 Critical6 High6 Medium5 Low
CriticalReverse Shelldist/lib/tool-man.js
CriticalTrigger Reachable Dangerous Capabilitydist/lib/tool-man.js
CriticalPrevious Version Dangerous Deltadist/commands/ctf4vla.js
HighInstall Time Lifecycle Scriptspackage.json
HighChild Processdist/repl.js
HighSame File Env Network Executiondist/repl.js
HighCommand Output Exfiltrationdist/repl.js
HighSandbox Evasion Gated Capabilitydist/commands/demo2.js
HighObfuscated Payload Loaderdist/commands/ctf4ai-demo.js
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumDynamic Requiredist/commands/ctf4ai-demo.js
MediumNetwork
MediumEnvironment Vars
MediumInstall Persistencedist/commands/env.js
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings