registry  /  jinzd-ai-cli  /  0.4.210

jinzd-ai-cli@0.4.210

Cross-platform REPL-style AI CLI with multi-provider support

Static Scan Results

scanned 19h ago · by rust-scanner

Static analysis flagged 19 finding(s) at 93.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNetworkShellWebSocket
Supply chain
HighEntropyStringsMinifiedObfuscatedUrlStrings
ManifestNo manifest risk signals triggered.
scanned 77 file(s), 2.51 MB of source, external domains: 127.0.0.1, ai.dev, api.deepseek.com, api.minimaxi.com, api.moonshot.ai, api.openai.com, cn.bing.com, console.cloud.google.com, github.com, mths.be, ollama.com, open.bigmodel.cn, openrouter.ai, programmablesearchengine.google.com, registry.npmjs.org, tailwindcss.com, twitter.com, www.googleapis.com

Source & flagged code

10 flagged · loading source
dist/chunk-NEPFADHX.jsView file
47// src/tools/builtin/bash.ts L48: import { spawn } from "child_process"; L49: import { existsSync as existsSync2, readdirSync, statSync } from "fs";
High
Child Process

Package source references child process execution.

dist/chunk-NEPFADHX.jsView on unpkg · L47
208return { L209: shell: "powershell.exe", L210: args: ["-NoProfile", "-NonInteractive", "-Command", WIN_UTF8_PREAMBLE + command]
High
Shell

Package source references shell execution.

dist/chunk-NEPFADHX.jsView on unpkg · L208
1013} L1014: const { readFile: readFile2 } = await import("fs/promises"); L1015: const buf = size > 1048576 ? await readFile2(normalizedPath) : readFileSync2(normalizedPath);
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/chunk-NEPFADHX.jsView on unpkg · L1013
47// src/tools/builtin/bash.ts L48: import { spawn } from "child_process"; L49: import { existsSync as existsSync2, readdirSync, statSync } from "fs"; ... L212: } L213: return { shell: process.env["SHELL"] ?? "/bin/bash", args: ["-c", command] }; L214: } L215: function decodeWindowsBuffer(buf) { L216: const utf8 = buf.toString("utf-8"); L217: if (!utf8.includes("\uFFFD")) return utf8; ... L232: if (!cwd) { L233: cwd = process.cwd(); L234: cwdBySession.set(key, cwd);
Medium
Install Persistence

Source writes installer persistence such as shell profile or service configuration.

dist/chunk-NEPFADHX.jsView on unpkg · L47
dist/chunk-CKH4KQ4E.jsView file
52function indexDir() { L53: return path.join(os.homedir(), ".aicli", INDEX_DIR_NAME); L54: } ... L66: const raw = fs.readFileSync(p, "utf-8"); L67: const parsed = JSON.parse(raw); L68: if (parsed.version !== SYMBOL_INDEX_VERSION) return null;
Low
Weak Crypto

Package source references weak cryptographic algorithms.

dist/chunk-CKH4KQ4E.jsView on unpkg · L52
dist/electron-server.jsView file
85// 可选:直接在此写 key(也可通过 apiKeys 字段或环境变量提供) L86: baseUrl: z.string(), L87: // OpenAI 兼容 API 的 base URL(必填) ... L440: try { L441: const raw = JSON.parse(readFileSync(this.configPath, "utf-8")); L442: return ConfigSchema.parse(raw); ... L4738: // src/tools/builtin/bash.ts L4739: import { spawn } from "child_process"; L4740: import { existsSync as existsSync4, readdirSync as readdirSync2, statSync } from "fs";
High
Remote Agent Bridge

Source exposes local file and command tools to a remote model endpoint.

dist/electron-server.jsView on unpkg · L85
60Detached bundled service listener: dist/electron-server.js launches a Node helper and exposes a broad-bound HTTP listener. L60: import express from "express"; L61: import { createServer } from "http"; L62: import { WebSocketServer } from "ws"; ... L342: if (fixedEnvVar && fixedEnvVar !== dynamicEnvVar) { L343: const fixedVal = process.env[fixedEnvVar]; L344: const dynVal = process.env[dynamicEnvVar]; L345: if (fixedVal && dynVal && fixedVal !== dynVal) { L346: process.stderr.write(`[warn] env var collision: ${fixedEnvVar} and ${dynamicEnvVar} have different values for provider "${providerId}". Using ${fixedEnvVar}. L347: `); ... L428: constructor(configDir) { L429: this.configDir = configDir ?? join(homedir(), CONFIG_DIR_NAME); L430: this.configPath = join(this.configDir, CONFIG_FILE_NAME);
High
Spawned Bundled Service Listener

Source launches a detached bundled service that exposes a broad-bound HTTP listener.

dist/electron-server.jsView on unpkg · L60
dist/chunk-7JWT3KXO.jsView file
854package = jinzd-ai-cli; repositoryIdentity = ai-cli; dependency = undici L854: try { L855: const { ProxyAgent, setGlobalDispatcher } = await import("undici"); L856: setGlobalDispatcher(new ProxyAgent({ uri: proxyUrl }));
High
Copied Package Dependency Bridge

Package metadata claims a different repository identity while copied source loads a runtime dependency bridge.

dist/chunk-7JWT3KXO.jsView on unpkg · L854
matchType = previous_version_dangerous_delta matchedPackage = jinzd-ai-cli@0.4.209 matchedIdentity = npm:amluemQtYWktY2xp:0.4.209 similarity = 0.896 summary = stored previous version shares package body but lacks this dangerous source file
High
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

dist/chunk-7JWT3KXO.jsView on unpkg
dist/wasm/tree-sitter-go.wasmView file
path = dist/wasm/tree-sitter-go.wasm kind = wasm_module sizeBytes = 217182 magicHex = [redacted]
Medium
Ships Wasm Module

Package ships WebAssembly modules.

dist/wasm/tree-sitter-go.wasmView on unpkg

Findings

6 High6 Medium7 Low
HighChild Processdist/chunk-NEPFADHX.js
HighShelldist/chunk-NEPFADHX.js
HighRemote Agent Bridgedist/electron-server.js
HighCopied Package Dependency Bridgedist/chunk-7JWT3KXO.js
HighSpawned Bundled Service Listenerdist/electron-server.js
HighPrevious Version Dangerous Deltadist/chunk-7JWT3KXO.js
MediumDynamic Requiredist/chunk-NEPFADHX.js
MediumNetwork
MediumEnvironment Vars
MediumInstall Persistencedist/chunk-NEPFADHX.js
MediumShips Wasm Moduledist/wasm/tree-sitter-go.wasm
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowWeak Cryptodist/chunk-CKH4KQ4E.js
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings