registry  /  patchcord  /  0.6.1

patchcord@0.6.1

⚠ Under review

Cross-machine agent messaging for Claude Code and Codex

Static Scan Results

scanned 3h ago · by rust-scanner

Static analysis flagged 14 finding(s) at 93.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystemNetworkShell
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 5 file(s), 190 KB of source, external domains: api.kimi.com, api.patchcord.dev, github.com, kimi.moonshot.cn, mcp.patchcord.dev, patchcord.dev

Source & flagged code

6 flagged · loading source
bin/patchcord.mjsView file
matchType = previous_version_dangerous_delta matchedPackage = patchcord@0.5.126 matchedIdentity = npm:cGF0Y2hjb3Jk:0.5.126 similarity = 0.600 summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

bin/patchcord.mjsView on unpkg
5import { fileURLToPath } from "url"; L6: import { execSync } from "child_process"; L7: import { homedir } from "os";
High
Child Process

Package source references child process execution.

bin/patchcord.mjsView on unpkg · L5
5import { fileURLToPath } from "url"; L6: import { execSync } from "child_process"; L7: import { homedir } from "os"; L8: L9: const HOME = homedir(); L10: ... L16: const { readFileSync: _rf } = await import("fs"); L17: const { version } = JSON.parse(_rf(join(__dirname, "..", "package.json"), "utf-8")); L18: process.stdout.write(`${version}\n`); L19: process.exit(0); ... L159: function _kimiContextRequested(options = {}) { L160: const forceTool = (process.env.PATCHCORD_FORCE_TOOL || process.env.PATCHCORD_TOOL || "").toLowerCase();
High
Sandbox Evasion Gated Capability

Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.

bin/patchcord.mjsView on unpkg · L5
1534if (cmd === "update" || cmd === "--update") { L1535: const { spawnSync: _spawn } = await import("child_process"); L1536: const r = _spawn("npx", ["--min-release-age=0", "patchcord@latest", "--update-only"], { stdio: "inherit" }); L1537: process.exit(r.status ?? (r.signal ? 1 : 0));
High
Runtime Package Install

Package source invokes a package manager install command at runtime.

bin/patchcord.mjsView on unpkg · L1534
scripts/lib/ws.mjsView file
1// Minimal WebSocket client (RFC 6455 subset). L2: // Zero dependencies, stdlib only — TLS + HTTP/1.1 Upgrade + text frames. ... L18: const port = url.port ? Number(url.port) : isTls ? 443 : 80; L19: const key = randomBytes(16).toString("base64"); L20: const expectedAccept = createHash("sha1").update(key + GUID).digest("base64"); ... L49: try { L50: socket.write(encodeFrame(0x8, closePayload(code, reason), true)); L51: } catch (_) {}
Low
Weak Crypto

Package source references weak cryptographic algorithms.

scripts/lib/ws.mjsView on unpkg · L1
scripts/kimi-subscribe.shView file
path = scripts/kimi-subscribe.sh kind = build_helper sizeBytes = 4770 magicHex = [redacted]
Medium
Ships Build Helper

Package ships non-JavaScript build or shell helper files.

scripts/kimi-subscribe.shView on unpkg

Findings

1 Critical4 High4 Medium5 Low
CriticalPrevious Version Dangerous Deltabin/patchcord.mjs
HighChild Processbin/patchcord.mjs
HighShell
HighSandbox Evasion Gated Capabilitybin/patchcord.mjs
HighRuntime Package Installbin/patchcord.mjs
MediumNetwork
MediumEnvironment Vars
MediumShips Build Helperscripts/kimi-subscribe.sh
MediumStructural Risk Force Deep Review
LowScripts Present
LowWeak Cryptoscripts/lib/ws.mjs
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings