registry  /  oh-my-claude-sisyphus  /  4.15.2

oh-my-claude-sisyphus@4.15.2

Multi-agent orchestration system for Claude Code - Inspired by oh-my-opencode

Static Scan Results

scanned 9d ago · by rust-scanner

Static analysis flagged 21 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsEvalFilesystemNativeBindingsNetworkShellWebSocket
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 607 file(s), 8.00 MB of source, external domains: 127.0.0.1, antigravity.google, api.bitbucket.org, api.github.com, api.telegram.org, build.grok.com, claude.ai, code.claude.com, dart.dev, discord.com, docs.anthropic.com, docs.cursor.com, docs.n8n.io, example.com, flutter.dev, github.com, img.shields.io, json-schema.org, learn.microsoft.com, raw.githubusercontent.com, registry.npmjs.org, slack.com, spec.openapis.org, stackoverflow.com, swift.org, tools.ietf.org, www.safaribooksonline.com, www.w3.org
Oversized source lightweight scan
bridge/cli.cjs3.34 MB file, sampled 256 KB
FilesystemChildProcessEnvironmentVarsCryptoHighEntropyStringsUrlStringsgithub.comlearn.microsoft.com

Source & flagged code

13 flagged · loading source
dist/autoresearch/runtime.jsView file
1import { execFileSync, spawnSync } from 'child_process'; L2: import { existsSync } from 'fs';
High
Child Process

Package source references child process execution.

dist/autoresearch/runtime.jsView on unpkg · L1
367encoding: 'utf-8', L368: shell: true, L369: maxBuffer: 1024 * 1024,
High
Shell

Package source references shell execution.

dist/autoresearch/runtime.jsView on unpkg · L367
bridge/mcp-server.cjsView file
2955sourceCode = this.opts.code.process(sourceCode, sch); L2956: const makeValidate = new Function(`${names_1.default.self}`, `${names_1.default.scope}`, sourceCode); L2957: const validate = makeValidate(this, this.scope.get());
Low
Eval

Package source references a known benign dynamic code generation pattern.

bridge/mcp-server.cjsView on unpkg · L2955
dist/tools/ast-tools.jsView file
18// L19: // IMPORTANT: Uses createRequire() (CJS resolution) instead of dynamic import() (ESM resolution) L20: // because ESM resolution does NOT respect NODE_PATH or Module._initPaths().
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/tools/ast-tools.jsView on unpkg · L18
dist/openclaw/dedupe.jsView file
54try { L55: const parsed = JSON.parse(readFileSync(statePath, "utf-8")); L56: return {
Low
Weak Crypto

Package source references weak cryptographic algorithms.

dist/openclaw/dedupe.jsView on unpkg · L54
dist/team/tmux-session.jsView file
9import { createHash } from 'crypto'; L10: import { execFile } from 'child_process'; L11: import { promisify } from 'util'; ... L20: const TMUX_SESSION_PREFIX = 'omc-team'; L21: export function detectTeamMultiplexerContext(env = process.env) { L22: if (env.TMUX) ... L29: * True when running on Windows under MSYS2/Git Bash. L30: * Tmux panes run bash in this environment, not cmd.exe. L31: */ L32: export function isUnixLikeOnWindows() { L33: return process.platform === 'win32' && L34: !!(process.env.MSYSTEM || process.env.MINGW_PREFIX);
Medium
Install Persistence

Source writes installer persistence such as shell profile or service configuration.

dist/team/tmux-session.jsView on unpkg · L9
dist/tools/lsp/servers.jsView file
6*/ L7: import { spawnSync } from 'child_process'; L8: import { existsSync } from 'fs'; ... L25: extensions: ['.py', '.pyw'], L26: installHint: 'Install ty from https://github.com/astral-sh/ty' L27: }, ... L161: return existsSync(command); L162: const checkCommand = process.platform === 'win32' ? 'where' : 'which'; L163: const result = spawnSync(checkCommand, [command], { stdio: 'ignore' });
High
Sandbox Evasion Gated Capability

Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.

dist/tools/lsp/servers.jsView on unpkg · L6
bridge/runtime-cli.cjsView file
34function tmuxEnv() { L35: const { TMUX: _, PSMUX_SESSION: __, ...env } = process.env; L36: return env; ... L41: function isUnixLikeOnWindows() { L42: return process.platform === "win32" && !!(process.env.MSYSTEM || process.env.MINGW_PREFIX); L43: } ... L54: if (process.platform === "win32" && /\.(cmd|bat)$/i.test(resolvedBinary)) { L55: const comspec = process.env.COMSPEC || "cmd.exe"; L56: const commandLine = [quoteForCmd(resolvedBinary), ...args.map(quoteForCmd)].join(" "); ... L111: if (result.status !== 0) return "tmux"; L112: const candidates = result.stdout?.split(/\r?\n/).map((line) => line.trim()).filter(Boolean) ?? []; L113: const first = candidates[0];
High
Cloud Metadata Access

Source reaches cloud instance metadata or link-local credential endpoints.

bridge/runtime-cli.cjsView on unpkg · L34
dist/features/auto-update.jsView file
41if (process.platform === 'win32') { L42: execSync(`npm install -g ${packageSpec}`, npmExecOptions(verbose)); L43: return;
High
Runtime Package Install

Package source invokes a package manager install command at runtime.

dist/features/auto-update.jsView on unpkg · L41
bridge/run-mcp-server.shView file
path = bridge/run-mcp-server.sh kind = build_helper sizeBytes = 445 magicHex = [redacted]
Medium
Ships Build Helper

Package ships non-JavaScript build or shell helper files.

bridge/run-mcp-server.shView on unpkg
skills/project-session-manager/tests/test-psm-prompt-injection.shView file
path = skills/project-session-manager/tests/test-psm-prompt-injection.sh kind = payload_in_excluded_dir sizeBytes = 12189 magicHex = [redacted]
High
Payload In Excluded Dir

Package hides binary, compressed, or executable-looking payloads in test/fixture/hidden paths.

skills/project-session-manager/tests/test-psm-prompt-injection.shView on unpkg
bridge/cli.cjsView file
path = bridge/cli.cjs kind = oversized_source_file sizeBytes = 3501996 magicHex = [redacted]
High
Oversized Source File

Package contains source files above the static scanner size ceiling.

bridge/cli.cjsView on unpkg
path = bridge/cli.cjs kind = oversized_cli_entrypoint sizeBytes = 3501996 magicHex = [redacted]
Medium
Oversized Cli Entrypoint

Package contains an oversized executable-looking CLI entrypoint.

bridge/cli.cjsView on unpkg

Findings

7 High7 Medium7 Low
HighChild Processdist/autoresearch/runtime.js
HighShelldist/autoresearch/runtime.js
HighSandbox Evasion Gated Capabilitydist/tools/lsp/servers.js
HighCloud Metadata Accessbridge/runtime-cli.cjs
HighRuntime Package Installdist/features/auto-update.js
HighPayload In Excluded Dirskills/project-session-manager/tests/test-psm-prompt-injection.sh
HighOversized Source Filebridge/cli.cjs
MediumDynamic Requiredist/tools/ast-tools.js
MediumNetwork
MediumEnvironment Vars
MediumInstall Persistencedist/team/tmux-session.js
MediumShips Build Helperbridge/run-mcp-server.sh
MediumOversized Cli Entrypointbridge/cli.cjs
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowEvalbridge/mcp-server.cjs
LowWeak Cryptodist/openclaw/dedupe.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings