registry  /  infinicode  /  2.5.0

infinicode@2.5.0

OpenKernel — provider-agnostic AI execution kernel. Native coding agent + mission-driven execution runtime.

Static Scan Results

scanned 2d ago · by rust-scanner

Static analysis completed at 93.0% confidence. No malicious behavior was detected; 9 low-signal pattern(s) were surfaced and cleared.

Static reason
No blocking static signals were detected.; previous stored version diff introduced dangerous source

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystemNetworkShell
Supply chain
HighEntropyStringsMinifiedUrlStrings
ManifestNo manifest risk signals triggered.
scanned 99 file(s), 3.08 MB of source, external domains: 100.x.y.z, 127.0.0.1, aistudio.google.com, api.cerebras.ai, api.groq.com, api.mistral.ai, api.sambanova.ai, api.telegram.org, build.nvidia.com, chutes.ai, cloud.cerebras.ai, cloud.sambanova.ai, console.groq.com, console.mistral.ai, docs.sglang.ai, docs.vllm.ai, generativelanguage.googleapis.com, github.com, html.duckduckgo.com, huggingface.co, integrate.api.nvidia.com, llm.chutes.ai, lmstudio.ai, models.inference.ai.azure.com, opencode.ai, openrouter.ai, router.huggingface.co

Source & flagged code

1 flagged · loading source
dist/commands/robopark.jsView file
matchType = previous_version_dangerous_delta matchedPackage = infinicode@2.3.6 matchedIdentity = npm:aW5maW5pY29kZQ:2.3.6 similarity = 0.886 summary = stored previous version shares package body but lacks this dangerous source file
High
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

dist/commands/robopark.jsView on unpkg

Findings

1 High3 Medium5 Low
HighPrevious Version Dangerous Deltadist/commands/robopark.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings