
jinzd-ai-cli@0.4.221

Cross-platform REPL-style AI CLI with multi-provider support

Static Scan Results

scanned 2h ago · by rust-scanner

Static analysis flagged 19 finding(s) at 93.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected; the diff against the previous stored version introduced dangerous source.

Decision evidence

public snapshot

Behavioral surface
  Source: Child Process, Crypto, Dynamic Require, Environment Vars, Filesystem, Network, Shell, WebSocket
  Supply chain: High Entropy Strings, Minified, Obfuscated, Url Strings
  Manifest: No manifest risk signals triggered.
scanned 81 file(s), 2.76 MB of source, external domains: 127.0.0.1, ai.dev, api.deepseek.com, api.minimaxi.com, api.moonshot.ai, api.openai.com, cn.bing.com, console.cloud.google.com, dashscope.aliyuncs.com, github.com, json.schemastore.org, mths.be, ollama.com, open.bigmodel.cn, openrouter.ai, programmablesearchengine.google.com, registry.npmjs.org, tailwindcss.com, twitter.com, www.googleapis.com

Source & flagged code

10 flagged

dist/web/client/vendor/highlight.min.js
  L132: ;const e=this.regexes.map((e=>e[1]));this.matcherRe=n(h(e,{joinWith:"|"
  L133: }),!0),this.lastIndex=0}exec(e){this.matcherRe.lastIndex=this.lastIndex
  L134: ;const n=this.matcherRe.exec(e);if(!n)return null
High
Child Process

Package source references child process execution.

dist/web/client/vendor/highlight.min.js · L132

dist/electron-server.js
  L729: if (/\bSet-Content\b|\bOut-File\b|\bAdd-Content\b|\bCopy-Item\b|\bMove-Item\b|\bSet-ItemProperty\b|\bNew-ItemProperty\b/i.test(cmd)) return "write";
  L730: if (/\b(python3?|node|deno|bun|perl|ruby|php|bash|sh|zsh|pwsh|powershell)(\.exe)?\b[^\n]*?\s-(?:Command|EncodedCommand|c|e|p|r)\b/i.test(cmd)) return "write";
  L731: if (/\bcmd(\.exe)?\s+\/[ck]\b/i.test(cmd)) return "write";
High
Shell

Package source references shell execution.

dist/electron-server.js · L729

dist/electron-server.js
  L89: // Optional: write the key directly here (it can also be supplied via the apiKeys field or an environment variable)
  L90: baseUrl: z.string(),
  L91: // base URL of the OpenAI-compatible API (required)
  ...
  L502: try {
  L503: const raw = JSON.parse(readFileSync(this.configPath, "utf-8"));
  L504: return ConfigSchema.parse(raw);
  ...
  L4859: // src/tools/builtin/bash.ts
  L4860: import { spawn } from "child_process";
  L4861: import { existsSync as existsSync5, readdirSync as readdirSync2, statSync as statSync2 } from "fs";
High
Remote Agent Bridge

Source exposes local file and command tools to a remote model endpoint.

dist/electron-server.js · L89

dist/electron-server.js
  Detached bundled service listener: dist/electron-server.js launches a Node helper and exposes a broad-bound HTTP listener.
  L64: import express from "express";
  L65: import { createServer } from "http";
  L66: import { WebSocketServer } from "ws";
  ...
  L250: denyPorts: z.array(z.number().int().min(1).max(65535)).default([]),
  L251: allowPrivateNetwork: z.boolean().default(false),
  L252: tools: z.object({
  ...
  L404: if (fixedEnvVar && fixedEnvVar !== dynamicEnvVar) {
  L405: const fixedVal = process.env[fixedEnvVar];
  L406: const dynVal = process.env[dynamicEnvVar];
  L407: if (fixedVal && dynVal && fixedVal !== dynVal) {
  L408: process.stderr.write(`[warn] env var collision: ${fixedEnvVar} and ${dynamicEnvVar} have different values for provider "${providerId}". Using ${fixedEnvVar}.
  L409: `);
High
Spawned Bundled Service Listener

Source launches a detached bundled service that exposes a broad-bound HTTP listener.

dist/electron-server.js · L64

dist/electron-server.js
  Evidence excerpt: the same dist/electron-server.js lines (L64 to L409) quoted for the Spawned Bundled Service Listener finding above.
Medium
Install Persistence

Source writes installer persistence such as shell profile or service configuration.

dist/electron-server.js · L64

dist/web/client/vendor/tailwind.js
  L1: (()=>{var qv=Object.create;var Hi=Object.defineProperty;var $v=Object.getOwnPropertyDescriptor;var Lv=Object.getOwnPropertyNames;var Mv=Object.getPrototypeOf,Nv=Object.prototype.ha...
  L2: `+S+n("^")}let b=i(h.replace(/\d/g," "))+f.slice(0,this.column-1).replace(/[^\t]/g," ");return n(">")+i(h)+s(f)+`
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/web/client/vendor/tailwind.js · L1

dist/chunk-VHY6NVMQ.js
  L27: { kind: "anthropic-key", regex: /(sk-ant-[a-zA-Z0-9_-]{90,})/g },
  L28: // L6 (v0.4.108): Zhipu / GLM API keys — `<24+ hex/base64-ish>.<32+>`
  L29: // Two segments separated by a dot, each safely identifiable by length
  ...
  L52: { kind: "bearer", regex: /\b(Authorization:\s*Bearer\s+)([a-zA-Z0-9_\-.=]{20,500})/g },
  L53: // Private key PEM blocks — catch the header+footer together
  L54: { kind: "private-key", regex: /-----BEGIN [A-Z ]*PRIVATE KEY-----[\s\S]*?-----END [A-Z ]*PRIVATE KEY-----/g }
  ...
  L135: function memoryIndexDir() {
  L136: return path.join(os.homedir(), ".aicli", MEMORY_DIR_NAME);
  L137: }
Low
Weak Crypto

Package source references weak cryptographic algorithms.

dist/chunk-VHY6NVMQ.js · L27

dist/chunk-BYQEWWA4.js
  package = jinzd-ai-cli; repositoryIdentity = ai-cli; dependency = undici
  L696: try {
  L697: const { ProxyAgent, setGlobalDispatcher } = await import("undici");
  L698: setGlobalDispatcher(new ProxyAgent({ uri: proxyUrl }));
High
Copied Package Dependency Bridge

Package metadata claims a different repository identity while copied source loads a runtime dependency bridge.

dist/chunk-BYQEWWA4.js · L696

dist/wasm/tree-sitter-go.wasm
  path = dist/wasm/tree-sitter-go.wasm
  kind = wasm_module
  sizeBytes = 217182
  magicHex = [redacted]
Medium
Ships Wasm Module

Package ships WebAssembly modules.

dist/wasm/tree-sitter-go.wasm

dist/index.js
  matchType = previous_version_dangerous_delta
  matchedPackage = jinzd-ai-cli@0.4.220
  matchedIdentity = npm:amluemQtYWktY2xp:0.4.220
  similarity = 0.975
  summary = stored previous version shares package body but lacks this dangerous source file
High
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

dist/index.js

Findings

6 High · 6 Medium · 7 Low

Severity · Finding · File
High · Child Process · dist/web/client/vendor/highlight.min.js
High · Shell · dist/electron-server.js
High · Remote Agent Bridge · dist/electron-server.js
High · Copied Package Dependency Bridge · dist/chunk-BYQEWWA4.js
High · Spawned Bundled Service Listener · dist/electron-server.js
High · Previous Version Dangerous Delta · dist/index.js
Medium · Dynamic Require · dist/web/client/vendor/tailwind.js
Medium · Network
Medium · Environment Vars
Medium · Install Persistence · dist/electron-server.js
Medium · Ships Wasm Module · dist/wasm/tree-sitter-go.wasm
Medium · Structural Risk Force Deep Review
Low · Non Install Lifecycle Scripts
Low · Scripts Present
Low · Weak Crypto · dist/chunk-VHY6NVMQ.js
Low · Filesystem
Low · Obfuscated
Low · High Entropy Strings
Low · Url Strings