
juggernaut-bedrock@5.2.8

Route Claude Code through Amazon Bedrock in one command — IAM, SSO, or API key. Cross-platform CLI for GenAI developers.

AI Security Review

scanned 1d ago · by lpm-firewall-ai

No confirmed malicious attack surface in the inspected wrapper package. The CLI resolves an allowlisted platform optional dependency and executes its local binary only when the user runs juggernaut.

Static reason
One or more suspicious static signals were detected.
Trigger
User runs the juggernaut CLI.
Impact
Expected CLI delegation; no source evidence of unconsented install-time execution or exfiltration.
Mechanism
allowlisted native binary launcher with forwarded arguments
Rationale
Static inspection shows a platform launcher for optional native packages with path allowlisting and no lifecycle hooks or network/exfiltration code. The suspicious child_process and env usage are expected for a CLI wrapper and are activated only by explicit user invocation.
Evidence
• package.json
• index.js
• README.md
• <platform optional package>/package.json
• <platform optional package>/bin/juggernaut

Decision evidence

public snapshot
The AI classified this package as Clean (Benign) at 93.0% confidence, with low false-positive risk.
Evidence for block
(none listed)
Evidence against
• package.json has no install/preinstall/postinstall lifecycle hooks; its only bin entry maps juggernaut to index.js.
• index.js runs only when invoked as a CLI (require.main === module), not on import or install.
• index.js allowlists the platform package names and checks that the binary's realpath stays under __dirname before calling spawnSync.
• The scanner's runtime-install signal comes from user-facing reinstall text in an error message, not from an executed command.
• No fetch/http client, eval/vm/Function, credential harvesting, persistence, or destructive filesystem writes were found.
• The README describes user-invoked Bedrock/Claude configuration behavior consistent with the package's stated purpose.
Behavioral surface
Source: Child Process, Environment Vars, Filesystem
Supply chain: Url Strings
Manifest: no manifest risk signals triggered.
Scanned 1 file, 6.67 KB of source; external domains: github.com

Source & flagged code

2 flagged

index.js, lines 4-6:
    var path = require("path");
    var childProcess = require("node:child_process");
    var fs = require("fs");

High: Child Process
Package source references child process execution (index.js, line 4).

index.js#virtual:normalized:round1, lines 153-160 (excerpt, elisions as in the scanner output):
    process.stderr.write(
      "juggernaut-bedrock is in a broken or partially-updated state (launcher v" + rootVersion + ", binary v" + binVersion + ").\nThis usually happens when the package was updated while ...
    );
    ...
    var args = safeForwardArgs(process.argv.slice(2));
    var result = child_process.spawnSync(bin, args, {
      stdio: "inherit",

High: Runtime Package Install
Rule text: package source invokes a package manager install command at runtime (index.js#virtual:normalized:round1, line 153). As the evidence above notes, this signal fires on the reinstall advice in the error message, not on any executed install command; the only spawn in the excerpt is of the allowlisted platform binary.

Findings

2 High, 1 Medium, 3 Low
High: Child Process (index.js)
High: Runtime Package Install (index.js#virtual:normalized:round1)
Medium: Environment Vars
Low: Scripts Present
Low: Filesystem
Low: Url Strings