registry  /  omniguard-enterprise-cli  /  1.4.0

omniguard-enterprise-cli@1.4.0

OmniGuard - AI-Powered Application Security Platform CLI

Static Scan Results

scanned 2h ago · by rust-scanner

Static analysis flagged 18 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsEvalFilesystemNetworkShell
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 7 file(s), 245 KB of source, external domains: krnpfunshzycavskrtod.supabase.co, omniguard.io

Source & flagged code

11 flagged · loading source
src/index.jsView file
308patternName = supabase_service_key severity = critical line = 308 matchedText = const an...BVE'
Critical
Critical Secret

Package contains a critical-looking secret pattern.

src/index.jsView on unpkg · L308
308patternName = supabase_service_key severity = critical line = 308 matchedText = const an...BVE'
Critical
Secret Pattern

Supabase service role key (JWT) in src/index.js

src/index.jsView on unpkg · L308
423patternName = supabase_service_key severity = critical line = 423 matchedText = anonKey ...BVE'
Critical
Secret Pattern

Supabase service role key (JWT) in src/index.js

src/index.jsView on unpkg · L423
430patternName = supabase_service_key severity = critical line = 430 matchedText = anonKey ...BVE'
Critical
Secret Pattern

Supabase service role key (JWT) in src/index.js

src/index.jsView on unpkg · L430
739patternName = aws_access_key severity = critical line = 739 matchedText = const aw...LE';
Critical
Secret Pattern

AWS access key ID in src/index.js

src/index.jsView on unpkg · L739
1172patternName = supabase_service_key severity = critical line = 1172 matchedText = const an...BVE'
Critical
Secret Pattern

Supabase service role key (JWT) in src/index.js

src/index.jsView on unpkg · L1172
9const readline = require('readline') L10: const { execSync, execFileSync, spawn } = require('child_process') L11:
High
Child Process

Package source references child process execution.

src/index.jsView on unpkg · L9
84{ id: 'SAST-CRYPTO-001', name: 'Weak Hash MD5', re: /createHash\s*\(\s*["']md5["']/gi, sev: 'high' }, L85: { id: 'SAST-EVAL-001', name: 'eval() Usage', re: /\beval\s*\(/g, sev: 'high' }, L86: { id: 'SAST-PATH-001', name: 'Path Traversal', re: /\.\.\/|path\.join\([^)]*req\.|path\.join\([^)]*params\./gi, sev: 'high' }
Low
Eval

Package source references a known benign dynamic code generation pattern.

src/index.jsView on unpkg · L84
6const path = require('path') L7: const http = require('http') L8: const https = require('https') L9: const readline = require('readline') L10: const { execSync, execFileSync, spawn } = require('child_process') L11: ... L16: const VERSION = '1.4.0' L17: const LOG_FILE = path.join(os.homedir(), '.omniguard', 'daemon.log') L18: ... L30: return new Promise(resolve => { L31: const rl = readline.createInterface({ input: process.stdin, output: process.stdout }) L32: if (!hidden) return rl.question(question, answer => { rl.close(); resolve(answer) })
Low
Weak Crypto

Package source references weak cryptographic algorithms.

src/index.jsView on unpkg · L6
src/daemon.jsView file
17patternName = supabase_service_key severity = critical line = 17 matchedText = const SU...VE';
Critical
Secret Pattern

Supabase service role key (JWT) in src/daemon.js

src/daemon.jsView on unpkg · L17
2L3: const http = require('http'); L4: const fs = require('fs'); L5: const path = require('path'); L6: const { execSync } = require('child_process'); L7: const crypto = require('crypto'); ... L9: // Configuration L10: const PORT = process.env.OMNIGUARD_DAEMON_PORT || 5175; L11: const HOME = require('os').homedir();
High
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution; review context before blocking.

src/daemon.jsView on unpkg · L2

Findings

7 Critical3 High2 Medium6 Low
CriticalCritical Secretsrc/index.js
CriticalSecret Patternsrc/index.js
CriticalSecret Patternsrc/index.js
CriticalSecret Patternsrc/index.js
CriticalSecret Patternsrc/index.js
CriticalSecret Patternsrc/index.js
CriticalSecret Patternsrc/daemon.js
HighChild Processsrc/index.js
HighShell
HighSame File Env Network Executionsrc/daemon.js
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowEvalsrc/index.js
LowWeak Cryptosrc/index.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings