registry  /  sandstream-kit  /  3.0.0

sandstream-kit@3.0.0

developer kit. zero LLM, local-first, multi-vault. one command from git clone to working dev environment.

Static Scan Results

scanned 11d ago · by rust-scanner

Static analysis flagged 16 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsEvalFilesystemNetworkShell
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 227 file(s), 1.66 MB of source, external domains: 127.0.0.1, api.berget.ai, api.bitbucket.org, api.cloudflare.com, api.eu.tinybird.co, api.github.com, api.neon.tech, api.planetscale.com, api.resend.com, api.search.brave.com, api.stripe.com, api.supabase.com, api.tinybird.co, api.trigger.dev, api.upstash.com, api.vercel.com, app.flagsmith.com, app.inngest.com, app.loops.so, app.planetscale.com, app.posthog.com, app.tinybird.co, berget.ai, brew.sh, cloud.google.com, cloud.trigger.dev, console.anthropic.com, console.aws.amazon.com, console.cloud.google.com, console.neon.tech, console.upstash.com, cwe.mitre.org, dash.cloudflare.com, dashboard.clerk.com, dashboard.stripe.com, developer.1password.com, docs.aws.amazon.com, docs.github.com, docs.microsoft.com, docs.railway.app, docs.sentry.io, docs.stripe.com, edge.api.flagsmith.com, eu.i.posthog.com, example.com, expo.dev, github.com, grunden.ai, json.schemastore.org, liveblocks.io

Source & flagged code

7 flagged · loading source
dist/post-pull-audit.jsView file
24try { L25: const { stdout } = await exec("git", ["show", `${ref}:${path}`], { L26: cwd,
High
Child Process

Package source references child process execution.

dist/post-pull-audit.jsView on unpkg · L24
dist/triage-sandbox.jsView file
75[/curl|wget|https?:\/\//i, "network call in install script"], L76: [/eval\s*\(/, "eval() in install script"], L77: [/Buffer\.from\([^,)]+,\s*['"]base64/, "base64 blob in install script"],
Low
Eval

Package source references a known benign dynamic code generation pattern.

dist/triage-sandbox.jsView on unpkg · L75
dist/plugin-loader.jsView file
75async function loadSinglePlugin(pluginName, projectPath) { L76: // Reject path-traversal / non-package names before they reach import() (RCE guard) L77: if (!isValidPluginName(pluginName)) {
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/plugin-loader.jsView on unpkg · L75
dist/elevation.jsView file
29/** L30: * Loud one-time stderr warning for the CI escape hatch. Emitted once per L31: * process so a single `kit secrets rotate ... ` invocation doesn't spam, ... L52: operation: "elevation-check", L53: environment: process.env.KIT_ENV ?? process.env.NODE_ENV ?? "unknown", L54: success: granted, L55: metadata: { L56: requested_scope: operation, ... L72: function elevationKeyPath() { L73: return `${_homedir()}/${ELEVATION_KEY_REL}`; L74: } ... L81: if (hex.length >= 64)
Low
Weak Crypto

Package source references weak cryptographic algorithms.

dist/elevation.jsView on unpkg · L29
dist/cli.jsView file
18import { isNonInteractive } from "./environment.js"; L19: import { spawn as spawnChild } from "node:child_process"; L20: import { promptSelect } from "./utils/promptSelect.js"; ... L102: export { escapeWorkflowCmd, xmlEscape }; L103: const __dirname = dirname(fileURLToPath(import.meta.url)); L104: const KIT_VERSION = JSON.parse(readFileSync(join(__dirname, "..", "package.json"), "utf-8")).version; L105: /** Map a security finding to a short, actionable PAL title/detail. */ ... L111: const { runHeal } = await import("./heal.js"); L112: // Progress goes to stderr: live feedback for a human watching, without L113: // polluting the machine-readable proposals on stdout (--agent). ... L169: async function maybeEmitCheckAttestation(command, overallOk, summary, scannersRan, quiet) { L170: if (!hasFlag(process.argv, "--attest") && !envTruthy(process.env.KIT_ATTEST))
Medium
Install Persistence

Source writes installer persistence such as shell profile or service configuration.

dist/cli.jsView on unpkg · L18
dist/plugins.jsView file
223const cmd = metadata.install; L224: // Extract the actual npm install command L225: const match = cmd.match(/npm install (.+)/); L226: const pkgToInstall = match ? match[1] : packageName; L227: const { stderr } = await exec("npm", ["install", pkgToInstall], { L228: timeout: 60000,
High
Runtime Package Install

Package source invokes a package manager install command at runtime.

dist/plugins.jsView on unpkg · L223
skills/triage/scripts/triage.pyView file
path = skills/triage/scripts/triage.py kind = build_helper sizeBytes = 13048 magicHex = [redacted]
Medium
Ships Build Helper

Package ships non-JavaScript build or shell helper files.

skills/triage/scripts/triage.pyView on unpkg

Findings

3 High6 Medium7 Low
HighChild Processdist/post-pull-audit.js
HighShell
HighRuntime Package Installdist/plugins.js
MediumDynamic Requiredist/plugin-loader.js
MediumNetwork
MediumEnvironment Vars
MediumInstall Persistencedist/cli.js
MediumShips Build Helperskills/triage/scripts/triage.py
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowEvaldist/triage-sandbox.js
LowWeak Cryptodist/elevation.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings