
jinzd-ai-cli@0.4.206

Cross-platform REPL-style AI CLI with multi-provider support

Static Scan Results

scanned 1d ago · by rust-scanner

Static analysis flagged 19 finding(s) at 93.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected; the diff against the previous stored version (0.4.205) introduced a dangerous source file.

Decision evidence (public snapshot)

Behavioral surface (source): Child Process, Crypto, Dynamic Require, Environment Vars, Filesystem, Network, Shell, WebSocket
Supply chain: High Entropy Strings, Minified, Obfuscated, Url Strings
Manifest: no manifest risk signals triggered.
Scanned 75 file(s), 2.50 MB of source. Domains and addresses referenced (127.0.0.1 is loopback, listed as the scanner recorded it): 127.0.0.1, ai.dev, api.deepseek.com, api.minimaxi.com, api.moonshot.ai, api.openai.com, cn.bing.com, console.cloud.google.com, github.com, mths.be, ollama.com, open.bigmodel.cn, openrouter.ai, programmablesearchengine.google.com, registry.npmjs.org, tailwindcss.com, twitter.com, www.googleapis.com

Source & flagged code

10 flagged locations
dist/chunk-QQYSZMET.js

L47: // src/tools/builtin/bash.ts
L48: import { spawn } from "child_process";
L49: import { existsSync as existsSync2, readdirSync, statSync } from "fs";

High · Child Process

Package source references child process execution.

Location: dist/chunk-QQYSZMET.js · L47
L208: return {
L209:   shell: "powershell.exe",
L210:   args: ["-NoProfile", "-NonInteractive", "-Command", WIN_UTF8_PREAMBLE + command]

High · Shell

Package source references shell execution. The command string is passed to powershell.exe through -Command (and, in the POSIX branch quoted under Install Persistence below, to $SHELL -c), so whoever composes `command` decides what the shell interprets.

Location: dist/chunk-QQYSZMET.js · L208
matchType = previous_version_dangerous_delta
matchedPackage = jinzd-ai-cli@0.4.205
matchedIdentity = npm:amluemQtYWktY2xp:0.4.205
similarity = 0.920
summary = stored previous version shares package body but lacks this dangerous source file

High · Previous Version Dangerous Delta

This package version adds a dangerous source file (dist/chunk-QQYSZMET.js) that is absent from the previous stored version (0.4.205); route for source-aware review.

Location: dist/chunk-QQYSZMET.js
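How a "previous version dangerous delta" is derived, as an added example that is neither the scanner's code nor the package's. The two manifests (path to content hash) and the source text of the added file are constructed for the example; the hashes are placeholders, and the similarity measure (Jaccard over path+hash pairs) is an assumption, so it will not reproduce the 0.920 above.

```javascript
// Constructed manifests: the stored 0.4.205 body and the 0.4.206 body, which
// bumps package.json and adds one bundle chunk. Hashes are placeholders.
const PREVIOUS_0_4_205 = {
  "package.json": "sha256:pkg-205",
  "dist/chunk-CKH4KQ4E.js": "sha256:ckh-1",
  "dist/chunk-KOU4KX7J.js": "sha256:kou-1",
  "dist/electron-server.js": "sha256:es-1",
  "dist/wasm/tree-sitter-go.wasm": "sha256:wasm-1",
};
const CURRENT_0_4_206 = {
  ...PREVIOUS_0_4_205,
  "package.json": "sha256:pkg-206",          // version bump
  "dist/chunk-QQYSZMET.js": "sha256:qqy-1",  // new file
};

// Source of the added file, quoting the lines this report flags.
const CURRENT_SOURCES = {
  "dist/chunk-QQYSZMET.js":
    '// src/tools/builtin/bash.ts\nimport { spawn } from "child_process";\n' +
    'return { shell: process.env["SHELL"] ?? "/bin/bash", args: ["-c", command] };',
};

// What makes an added file "dangerous" for routing: process or shell execution,
// a network listener, or a global proxy override. Illustrative list.
const DANGEROUS = [
  /["']child_process["']/, /\bspawn\s*\(/, /\bexec(?:Sync)?\s*\(/,
  /\.listen\s*\(/, /setGlobalDispatcher/,
];

function versionDelta(prev, curr, sources = {}) {
  const added = [], removed = [], changed = [], unchanged = [];
  for (const p of Object.keys(curr).sort()) {
    if (!(p in prev)) added.push(p);
    else if (prev[p] !== curr[p]) changed.push(p);
    else unchanged.push(p);
  }
  for (const p of Object.keys(prev).sort()) if (!(p in curr)) removed.push(p);

  // Similarity (assumption): Jaccard over (path, hash) pairs, so a changed file
  // counts as different on both sides and an added file only on one.
  const pairs = (m) => new Set(Object.entries(m).map(([p, h]) => `${p}\u0000${h}`));
  const a = pairs(prev), b = pairs(curr);
  let shared = 0;
  for (const x of a) if (b.has(x)) shared++;
  const similarity = Number((shared / (a.size + b.size - shared)).toFixed(3));

  // Only files new relative to the stored version feed this signal; a changed
  // file matching the same patterns would be a different finding.
  const dangerousAdded = added.filter((p) => DANGEROUS.some((re) => re.test(sources[p] ?? "")));
  const route = dangerousAdded.length > 0 ? "source-aware review" : "warn-only";
  return { added, removed, changed, unchanged, similarity, dangerousAdded, route };
}

const delta = versionDelta(PREVIOUS_0_4_205, CURRENT_0_4_206, CURRENT_SOURCES);
console.log(JSON.stringify(delta, null, 2));
```

A file that already existed in the stored version with the same hash never enters `added`, which is why the signal is specific to the version that introduced the chunk rather than to every later version that still ships it.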
L1013: }
L1014: const { readFile: readFile2 } = await import("fs/promises");
L1015: const buf = size > 1048576 ? await readFile2(normalizedPath) : readFileSync2(normalizedPath);

Medium · Dynamic Require

Package source references dynamic require/import behavior. The quoted import target is the string literal "fs/promises", not a computed value; the dynamic part here is the timing of the load, not its target.

Location: dist/chunk-QQYSZMET.js · L1013
L47: // src/tools/builtin/bash.ts
L48: import { spawn } from "child_process";
L49: import { existsSync as existsSync2, readdirSync, statSync } from "fs";
...
L212: }
L213: return { shell: process.env["SHELL"] ?? "/bin/bash", args: ["-c", command] };
L214: }
L215: function decodeWindowsBuffer(buf) {
L216:   const utf8 = buf.toString("utf-8");
L217:   if (!utf8.includes("\uFFFD")) return utf8;
...
L232: if (!cwd) {
L233:   cwd = process.cwd();
L234:   cwdBySession.set(key, cwd);

Medium · Install Persistence

Source writes installer persistence such as shell profile or service configuration. The quoted lines read $SHELL (falling back to /bin/bash), spawn it with -c, and cache a working directory per session; no write to a shell profile or service file appears in the excerpt, so locate the write site before acting on this signal.

Location: dist/chunk-QQYSZMET.js · L47
dist/chunk-CKH4KQ4E.js

L52: function indexDir() {
L53:   return path.join(os.homedir(), ".aicli", INDEX_DIR_NAME);
L54: }
...
L66: const raw = fs.readFileSync(p, "utf-8");
L67: const parsed = JSON.parse(raw);
L68: if (parsed.version !== SYMBOL_INDEX_VERSION) return null;

Low · Weak Crypto

Package source references weak cryptographic algorithms. The excerpt only reads a symbol index from ~/.aicli and checks its version; the cryptographic call that triggered the signal is not shown.

Location: dist/chunk-CKH4KQ4E.js · L52
dist/electron-server.js

L84: // Optional: write the key directly here (it can also be supplied via the apiKeys field or an environment variable)
L85: baseUrl: z.string(),
L86: // Base URL of the OpenAI-compatible API (required)
...
L434: try {
L435:   const raw = JSON.parse(readFileSync(this.configPath, "utf-8"));
L436:   return ConfigSchema.parse(raw);
...
L4732: // src/tools/builtin/bash.ts
L4733: import { spawn } from "child_process";
L4734: import { existsSync as existsSync4, readdirSync as readdirSync2, statSync } from "fs";

High · Remote Agent Bridge

Source exposes local file and command tools to a remote model endpoint. The provider baseUrl is validated only as z.string(), so whichever endpoint the config file names is the one whose responses reach the bundled bash tool; the config file itself is therefore part of the trust boundary.

Location: dist/electron-server.js · L84
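A policy check for the provider baseUrl that the schema above accepts as a bare z.string(), added here as an example; it is not the package's code. The trusted host list is taken from the domain list in this report and is an assumption for the example, as is the rule that plaintext http is acceptable only to loopback (a local Ollama on 127.0.0.1); the sample provider config is constructed.

```javascript
// Assumed allowlist, built from the provider domains this report recorded.
const TRUSTED_PROVIDER_HOSTS = new Set([
  "api.openai.com", "api.deepseek.com", "api.moonshot.ai", "api.minimaxi.com",
  "open.bigmodel.cn", "openrouter.ai", "ollama.com",
]);

function isLoopbackHost(hostname) {
  // WHATWG URL keeps the brackets on IPv6 literals, hence "[::1]".
  return hostname === "localhost" || hostname === "[::1]" ||
    /^127\.\d{1,3}\.\d{1,3}\.\d{1,3}$/.test(hostname);
}

// Returns { ok, reason } so the caller can refuse to load the config up front,
// instead of discovering the problem when a tool call is already in flight.
function checkBaseUrl(raw, trusted = TRUSTED_PROVIDER_HOSTS) {
  let url;
  try { url = new URL(raw); } catch { return { ok: false, reason: "not an absolute URL" }; }
  if (url.protocol !== "https:" && url.protocol !== "http:") {
    return { ok: false, reason: `unsupported scheme ${url.protocol}` };
  }
  if (url.username || url.password) {
    return { ok: false, reason: "credentials embedded in URL; use apiKeys or an environment variable" };
  }
  const local = isLoopbackHost(url.hostname);
  if (url.protocol === "http:" && !local) {
    return { ok: false, reason: "plaintext http to a non-loopback host" };
  }
  if (!local && !trusted.has(url.hostname)) {
    return { ok: false, reason: `host ${url.hostname} is not a trusted provider` };
  }
  return { ok: true, host: url.hostname, local };
}

// Constructed provider config: one cloud provider, one local Ollama, one entry
// pointing at a documentation-range address over plaintext.
const SAMPLE_PROVIDERS = {
  openai: "https://api.openai.com/v1",
  ollama: "http://127.0.0.1:11434/v1",
  rogue: "http://203.0.113.7/v1",
};

function checkProviders(providers) {
  return Object.fromEntries(
    Object.entries(providers).map(([id, u]) => [id, checkBaseUrl(u)]),
  );
}

console.log(JSON.stringify(checkProviders(SAMPLE_PROVIDERS), null, 2));
```

The allowlist is the part to tune per deployment; the scheme and credential rules are the part that should not be configurable, since a baseUrl with embedded credentials or a plaintext remote host is how a key leaves the machine without the tool ever being asked to exfiltrate anything.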
Detached bundled service listener: dist/electron-server.js launches a Node helper and exposes a broad-bound HTTP listener.
L59: import express from "express";
L60: import { createServer } from "http";
L61: import { WebSocketServer } from "ws";
L62: import { join as join17, dirname as dirname6, resolve as resolve6, relative as relative3, sep as sep3 } from "path";
L63: import { existsSync as existsSync23, readFileSync as readFileSync16, readdirSync as readdirSync11, statSync as statSync9, realpathSync } from "fs";
...
L336: if (fixedEnvVar && fixedEnvVar !== dynamicEnvVar) {
L337:   const fixedVal = process.env[fixedEnvVar];
L338:   const dynVal = process.env[dynamicEnvVar];
L339:   if (fixedVal && dynVal && fixedVal !== dynVal) {
L340:     process.stderr.write(`[warn] env var collision: ${fixedEnvVar} and ${dynamicEnvVar} have different values for provider "${providerId}". Using ${fixedEnvVar}.
L341: `);
...
L422: constructor(configDir) {

High · Spawned Bundled Service Listener

Source launches a detached bundled service that exposes a broad-bound HTTP listener. The excerpt shows the express, http and ws imports and the provider-key environment handling, but not the listen() call, so verify the bind address and whatever authentication the listener applies before treating it as reachable from off-host.

Location: dist/electron-server.js · L59
dist/chunk-KOU4KX7J.js

package = jinzd-ai-cli; repositoryIdentity = ai-cli; dependency = undici
L692: try {
L693:   const { ProxyAgent, setGlobalDispatcher } = await import("undici");
L694:   setGlobalDispatcher(new ProxyAgent({ uri: proxyUrl }));

High · Copied Package Dependency Bridge

Package metadata claims a different repository identity (ai-cli) while copied source loads a runtime dependency bridge. setGlobalDispatcher installs the ProxyAgent as undici's process-wide dispatcher, which Node's built-in fetch also uses, so every provider request, API key headers included, goes through whatever proxyUrl resolves to; trace where that value comes from.

Location: dist/chunk-KOU4KX7J.js · L692
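A reviewer's pass over a bundled file that re-derives the Child Process, Shell, Dynamic Require, Spawned Bundled Service Listener and Copied Package Dependency Bridge signals and pulls out the context the report leaves out (whether a listen() call names a host, whether a dynamic import target is a literal). This is an added example, not the scanner's code and not the package's. The sample source is the set of lines quoted in this report plus two constructed listen() calls; the package's own listen() call is not shown on this page, so those two lines are assumptions.

```javascript
// Constructed sample: the flagged lines from this report, followed by two
// listen() calls that are NOT from the package (assumed, for the bind-host check).
const SAMPLE_SOURCE = [
  '// src/tools/builtin/bash.ts',
  'import { spawn } from "child_process";',
  'return { shell: "powershell.exe", args: ["-NoProfile", "-NonInteractive", "-Command", WIN_UTF8_PREAMBLE + command] };',
  'return { shell: process.env["SHELL"] ?? "/bin/bash", args: ["-c", command] };',
  'const { readFile: readFile2 } = await import("fs/promises");',
  'const { ProxyAgent, setGlobalDispatcher } = await import("undici");',
  'setGlobalDispatcher(new ProxyAgent({ uri: proxyUrl }));',
  'server.listen(port, () => console.log("ready"));', // constructed: no host given
  'server.listen(port, "127.0.0.1");',                 // constructed: loopback
].join("\n");

// Line-level signals. Where a capture group exists it is the argument text
// that needs a closer look.
const SIGNALS = [
  { id: "child_process",  re: /from\s+["']child_process["']|require\(["']child_process["']\)/ },
  { id: "shell_exec",     re: /shell:\s*(?:"powershell\.exe"|process\.env\["SHELL"\])/ },
  { id: "dynamic_import", re: /await\s+import\(([^)]*)\)/ },
  { id: "global_proxy",   re: /setGlobalDispatcher\s*\(/ },
  { id: "http_listener",  re: /\.listen\s*\(([^)]*)\)/ },
  { id: "env_read",       re: /process\.env(?:\[["'][A-Z_]+["']\]|\.[A-Z_]+)/ },
];

// Classify the host argument of listen(port[, host][, cb]): no host, a callback
// in second position, "0.0.0.0" or "::" binds every interface; a loopback
// literal does not; a variable means the reviewer has to trace it.
function listenHost(argText) {
  const args = argText.split(",").map((a) => a.trim());
  const second = args[1] ?? "";
  if (!second || /^(\(|function\b|async\b)/.test(second)) return "all-interfaces (no host given)";
  const host = second.replace(/^["'`]|["'`]$/g, "");
  if (host === "0.0.0.0" || host === "::") return "all-interfaces";
  if (/^(127\.\d+\.\d+\.\d+|localhost|::1)$/.test(host)) return "loopback";
  return `dynamic: ${host}`;
}

function scanSource(text) {
  const findings = [];
  text.split("\n").forEach((line, i) => {
    for (const s of SIGNALS) {
      const m = s.re.exec(line);
      if (!m) continue;
      const f = { id: s.id, line: i + 1, code: line.trim() };
      if (s.id === "http_listener") f.bindHost = listenHost(m[1]);
      if (s.id === "dynamic_import") f.literalTarget = /^["'][^"']+["']$/.test(m[1].trim());
      findings.push(f);
    }
  });
  return findings;
}

// Findings a reviewer must open in context rather than accept from the report:
// every shell spawn (what feeds `command`?), every global proxy (where does the
// URL come from?), and any listener not pinned to loopback.
function needsContext(findings) {
  return findings.filter((f) =>
    f.id === "shell_exec" || f.id === "global_proxy" ||
    (f.id === "http_listener" && f.bindHost !== "loopback"));
}

const scanResults = scanSource(SAMPLE_SOURCE);
for (const f of scanResults) console.log(`${f.id}@${f.line}`, f.bindHost ?? "", f.code);
console.log(`${needsContext(scanResults).length} finding(s) need source-aware review`);
```

Running this over the real dist/ tree needs only a directory walk feeding each file to scanSource; the point of the listenHost and literalTarget checks is that a line-level regex alone cannot tell a loopback-only helper from a broad-bound one, which is exactly the gap between the report's "broad-bound HTTP listener" label and the excerpt it shows.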
dist/wasm/tree-sitter-go.wasm

path = dist/wasm/tree-sitter-go.wasm
kind = wasm_module
sizeBytes = 217182
magicHex = [redacted]

Medium · Ships Wasm Module

Package ships WebAssembly modules. The file name matches a tree-sitter Go grammar; the scanner records only size and magic bytes, so confirming the file means hashing it against a known tree-sitter-go build rather than trusting the name.

Location: dist/wasm/tree-sitter-go.wasm

Findings

6 High · 6 Medium · 7 Low

High · Child Process · dist/chunk-QQYSZMET.js
High · Shell · dist/chunk-QQYSZMET.js
High · Remote Agent Bridge · dist/electron-server.js
High · Copied Package Dependency Bridge · dist/chunk-KOU4KX7J.js
High · Spawned Bundled Service Listener · dist/electron-server.js
High · Previous Version Dangerous Delta · dist/chunk-QQYSZMET.js
Medium · Dynamic Require · dist/chunk-QQYSZMET.js
Medium · Network
Medium · Environment Vars
Medium · Install Persistence · dist/chunk-QQYSZMET.js
Medium · Ships Wasm Module · dist/wasm/tree-sitter-go.wasm
Medium · Structural Risk Force Deep Review
Low · Non Install Lifecycle Scripts
Low · Scripts Present
Low · Weak Crypto · dist/chunk-CKH4KQ4E.js
Low · Filesystem
Low · Obfuscated
Low · High Entropy Strings
Low · Url Strings