registry  /  shieldcortex  /  4.47.1

shieldcortex@4.47.1

Trustworthy memory and security for AI agents. Recall debugging, review queue, OpenClaw session capture, and memory poisoning defence for Claude Code, Codex, OpenClaw, LangChain, and MCP agents.

Static Scan Results

scanned 7d ago · by rust-scanner

Static analysis flagged 26 finding(s) at 93.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsEvalFilesystemNativeBindingsNetworkShellWebSocket
Supply chain
HighEntropyStringsObfuscatedUrlStrings
ManifestNo manifest risk signals triggered.
scanned 280 file(s), 2.34 MB of source, external domains: 127.0.0.1, api.shieldcortex.ai, blocked.invalid, github.com, json.schemastore.org, registry.npmjs.org, shieldcortex.ai, www.apple.com

Source & flagged code

17 flagged · loading source
package.jsonView file
scripts.postinstall = node scripts/postinstall.mjs
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.postinstall = node scripts/postinstall.mjs
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg
README.mdView file
shieldcortex scan "ignore previous instructions"
High
Ai Reviewer Manipulation

Package text addresses the security reviewer or scanner and tries to influence the review outcome.

README.mdView on unpkg
dist/defence/sensitivity/patterns.jsView file
25patternName = private_key_rsa severity = critical line = 25 matchedText = { patter...0 },
Critical
Critical Secret

Package contains a critical-looking secret pattern.

dist/defence/sensitivity/patterns.jsView on unpkg · L25
25patternName = private_key_rsa severity = critical line = 25 matchedText = { patter...0 },
Critical
Secret Pattern

RSA private key in dist/defence/sensitivity/patterns.js

dist/defence/sensitivity/patterns.jsView on unpkg · L25
26patternName = private_key_ec severity = critical line = 26 matchedText = { patter...0 },
Critical
Secret Pattern

EC private key in dist/defence/sensitivity/patterns.js

dist/defence/sensitivity/patterns.jsView on unpkg · L26
28patternName = private_key_rsa severity = critical line = 28 matchedText = { patter...0 },
Critical
Secret Pattern

RSA private key in dist/defence/sensitivity/patterns.js

dist/defence/sensitivity/patterns.jsView on unpkg · L28
dist/database/init.jsView file
8import { fileURLToPath } from 'url'; L9: import { execSync } from 'child_process'; L10: import { runMigrations } from './migrations.js';
High
Child Process

Package source references child process execution.

dist/database/init.jsView on unpkg · L8
dist/setup/hooks.jsView file
53stdio: ['pipe', 'inherit', 'inherit'], L54: shell: true, L55: });
High
Shell

Package source references shell execution.

dist/setup/hooks.jsView on unpkg · L53
dist/xray/patterns.jsView file
19title: 'Dynamic code execution detected', L20: description: 'Code uses eval(), new Function(), or vm.runIn* which can execute arbitrary code.', L21: patterns: [
Low
Eval

Package source references a known benign dynamic code generation pattern.

dist/xray/patterns.jsView on unpkg · L19
dist/database/better-sqlite3-guard.jsView file
18import { createRequire } from 'module'; L19: const require = createRequire(import.meta.url); L20: /**
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/database/better-sqlite3-guard.jsView on unpkg · L18
hooks/openclaw/cortex-memory/handler.tsView file
53L54: const NOVELTY_CACHE_FILE = path.join(homedir(), ".shieldcortex", "openclaw-memory-cache.json"); L55: const DEFAULT_NOVELTY_THRESHOLD = 0.88; ... L117: try { L118: const raw = JSON.parse(await fs.readFile(NOVELTY_CACHE_FILE, "utf-8")); L119: if (!Array.isArray(raw)) return [];
Low
Weak Crypto

Package source references weak cryptographic algorithms.

hooks/openclaw/cortex-memory/handler.tsView on unpkg · L53
dist/setup/deep-clean.jsView file
19import os from 'os'; L20: import { execSync } from 'child_process'; L21: const PLUGIN_ID = 'shieldcortex-realtime'; ... L27: function resolveHome() { L28: const sudoUser = process.env.SUDO_USER; L29: if (sudoUser) { ... L42: } L43: return os.homedir(); L44: } ... L48: try { L49: const parsed = JSON.parse(fs.readFileSync(file, 'utf-8')); L50: return typeof parsed === 'object' && parsed !== null
Medium
Install Persistence

Source writes installer persistence such as shell profile or service configuration.

dist/setup/deep-clean.jsView on unpkg · L19
dist/index.jsView file
331║ Starting Next.js dashboard... ║ L332: ║ Dashboard: http://localhost:3030 ║ L333: ║ API: http://localhost:3001 ║ ... L343: if (useStandalone && dashboardPath) { L344: return spawn(process.execPath, ['server.js'], { L345: cwd: dashboardPath.cwd, L346: stdio: ['ignore', 'pipe', 'pipe'], L347: env: { ...process.env, PORT: '3030', HOSTNAME: '0.0.0.0' }, L348: });
High
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution; review context before blocking.

dist/index.jsView on unpkg · L331
dashboard/.next/standalone/dashboard/.next/server/app/apple-icon.png.bodyView file
path = dashboard/.next/standalone/dashboard/.next/server/app/apple-icon.png.body kind = high_entropy_blob sizeBytes = 26212 magicHex = [redacted]
High
Ships High Entropy Blob

Package ships high-entropy non-source blobs.

dashboard/.next/standalone/dashboard/.next/server/app/apple-icon.png.bodyView on unpkg
path = dashboard/.next/standalone/dashboard/.next/server/app/apple-icon.png.body kind = payload_in_excluded_dir sizeBytes = 26212 magicHex = [redacted]
High
Payload In Excluded Dir

Package hides binary, compressed, or executable-looking payloads in test/fixture/hidden paths.

dashboard/.next/standalone/dashboard/.next/server/app/apple-icon.png.bodyView on unpkg
dist/defence/skill-scanner/patterns.jsView file
matchType = previous_version_dangerous_delta matchedPackage = shieldcortex@4.47.0 matchedIdentity = npm:c2hpZWxkY29ydGV4:4.47.0 similarity = 0.983 summary = stored previous version shares package body but lacks this dangerous source file
High
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

dist/defence/skill-scanner/patterns.jsView on unpkg

Findings

4 Critical8 High6 Medium8 Low
CriticalCritical Secretdist/defence/sensitivity/patterns.js
CriticalSecret Patterndist/defence/sensitivity/patterns.js
CriticalSecret Patterndist/defence/sensitivity/patterns.js
CriticalSecret Patterndist/defence/sensitivity/patterns.js
HighInstall Time Lifecycle Scriptspackage.json
HighAi Reviewer ManipulationREADME.md
HighChild Processdist/database/init.js
HighShelldist/setup/hooks.js
HighSame File Env Network Executiondist/index.js
HighShips High Entropy Blobdashboard/.next/standalone/dashboard/.next/server/app/apple-icon.png.body
HighPayload In Excluded Dirdashboard/.next/standalone/dashboard/.next/server/app/apple-icon.png.body
HighPrevious Version Dangerous Deltadist/defence/skill-scanner/patterns.js
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumDynamic Requiredist/database/better-sqlite3-guard.js
MediumNetwork
MediumEnvironment Vars
MediumInstall Persistencedist/setup/deep-clean.js
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowEvaldist/xray/patterns.js
LowWeak Cryptohooks/openclaw/cortex-memory/handler.ts
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings