registry  /  imcodes  /  2026.7.2964

imcodes@2026.7.2964

⚠ Under review

A chat interface for AI coding agents — control Claude Code, Codex, Gemini CLI, OpenCode from browser and mobile

Static Scan Results

scanned 2h ago · by rust-scanner

Static analysis flagged 16 finding(s) at 86.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
High-risk behavior combination matched malicious policy.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNativeBindingsNetworkShellWebSocket
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 469 file(s), 5.09 MB of source, external domains: 127.0.0.1, api.anthropic.com, api.github.com, api.openai.com, app.im.codes, chatgpt.com, docker.1ms.run, docker.m.daocloud.io, docs.docker.com, formulae.brew.sh, gitlab.com, html.duckduckgo.com, hub.docker.com, mirrors.cloud.tencent.com, nodejs.org, registry.npmjs.org, wezfurlong.org, www.apple.com, www.google.com

Source & flagged code

8 flagged · loading source
package.jsonView file
scripts.preinstall = node dist/src/util/preinstall-cleanup.mjs || true
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.preinstall = node dist/src/util/preinstall-cleanup.mjs || true
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg
dist/shared/git-remote-url.jsView file
47patternName = generic_password severity = medium line = 47 matchedText = parsed.p...ed';
Medium
Secret Pattern

Package contains a possible secret pattern.

dist/shared/git-remote-url.jsView on unpkg · L47
dist/src/context/tokenizer.jsView file
1import { createRequire } from 'node:module'; L2: const require = createRequire(import.meta.url); L3: let anthropicCountTokens;
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/src/context/tokenizer.jsView on unpkg · L1
dist/src/index.jsView file
26const stack = err instanceof Error ? err.stack : undefined; L27: link.send({ L28: type: 'daemon.error', ... L66: import logger from './util/logger.js'; L67: import { execFileSync, execSync } from 'child_process'; L68: import { cpus, freemem, homedir, loadavg, totalmem } from 'os'; ... L79: import { INSTALLER_CONFIG_BASENAME, normalizeRegistryBase } from '../shared/installer-contract.js'; L80: const { version } = JSON.parse(readFileSync(join(PROJECT_ROOT, 'package.json'), 'utf8')); L81: function shellDoubleQuotedLiteral(value) { ... L84: function buildImcodesCliWrapper(nodeBin, entryScript) { L85: return `#!/bin/sh\nexec ${shellDoubleQuotedLiteral(nodeBin)} ${shellDoubleQuotedLiteral(entryScript)} "$@"\n`; L86: }
Medium
Install Persistence

Source writes installer persistence such as shell profile or service configuration.

dist/src/index.jsView on unpkg · L26
dist/src/util/windows-launch-artifacts.jsView file
2import { existsSync, mkdtempSync, rmSync, writeFileSync } from 'fs'; L3: import { execSync } from 'child_process'; L4: import path, { join, dirname } from 'path'; ... L7: const __filename = fileURLToPath(import.meta.url); L8: const __dirname = dirname(__filename); L9: const TASK_NAME = 'imcodes-daemon'; ... L25: * L26: * IMPORTANT: this file is parsed by cmd.exe. Two non-obvious rules: L27: * ... L73: // upgrade is silently bypassed. L74: const appdataNpm = process.env.APPDATA ? path.win32.join(process.env.APPDATA, 'npm') : null; L75: const isDefaultPrefix = appdataNpm
Critical
Persistence Backdoor

Source writes persistence or remote-access backdoor material.

dist/src/util/windows-launch-artifacts.jsView on unpkg · L2
2Trigger-reachable chain: manifest.main -> dist/src/index.js -> dist/src/util/windows-launch-artifacts.js L2: import { existsSync, mkdtempSync, rmSync, writeFileSync } from 'fs'; L3: import { execSync } from 'child_process'; L4: import path, { join, dirname } from 'path'; ... L7: const __filename = fileURLToPath(import.meta.url); L8: const __dirname = dirname(__filename); L9: const TASK_NAME = 'imcodes-daemon'; ... L25: * L26: * IMPORTANT: this file is parsed by cmd.exe. Two non-obvious rules: L27: * ... L73: // upgrade is silently bypassed. L74: const appdataNpm = process.env.APPDATA ? path.win32.join(process.env.APPDATA, 'npm') : null; L75: const isDefaultPrefix = appdataNpm
Critical
Trigger Reachable Dangerous Capability

A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.

dist/src/util/windows-launch-artifacts.jsView on unpkg · L2
bin/imcodes-launch.shView file
path = bin/imcodes-launch.sh kind = build_helper sizeBytes = 7821 magicHex = [redacted]
Medium
Ships Build Helper

Package ships non-JavaScript build or shell helper files.

bin/imcodes-launch.shView on unpkg

Findings

2 Critical1 High8 Medium5 Low
CriticalPersistence Backdoordist/src/util/windows-launch-artifacts.js
CriticalTrigger Reachable Dangerous Capabilitydist/src/util/windows-launch-artifacts.js
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumSecret Patterndist/shared/git-remote-url.js
MediumDynamic Requiredist/src/context/tokenizer.js
MediumNetwork
MediumEnvironment Vars
MediumInstall Persistencedist/src/index.js
MediumShips Build Helperbin/imcodes-launch.sh
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings