registry  /  tapmarket-connect  /  0.1.4

tapmarket-connect@0.1.4

⚠ Under review

Give your AI assistant the power to hire paid specialists on TapMarket — with spending limits enforced on-chain.

Static Scan Results

scanned 5h ago · by rust-scanner

Static analysis flagged 11 finding(s) at 93.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
High-risk behavior combination matched malicious policy.; previous stored version diff introduced dangerous source

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessEnvironmentVarsFilesystemNetworkShell
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 6 file(s), 27.5 KB of source, external domains: 127.0.0.1, faucet.circle.com, fund.tappayment.io, hermes.tappayment.io, rpc.zerodev.app, scribe.tappayment.io, sepolia.base.org, sepolia.basescan.org, tappayment.io

Source & flagged code

4 flagged · loading source
server.jsView file
19L20: const WALLET_FILE = process.env.TAPMARKET_WALLET ?? new URL("./wallet.json", import.meta.url).pathname; L21: if (!existsSync(WALLET_FILE)) { ... L24: } L25: const wallet = JSON.parse(readFileSync(WALLET_FILE, "utf8")); L26: ... L35: const usdcAbi = parseAbi(["function approve(address,uint256)", "function balanceOf(address) view returns (uint256)"]); L36: const publicClient = createPublicClient({ chain: baseSepolia, transport: http("https://sepolia.base.org") }); L37: const account = await deserializePermissionAccount( ... L78: if (!spec) return { content: [{ type: "text", text: `Unknown specialist '${args.specialist}'. Use list_specialists.` }], isError: true }; L79: const route = { url: spec.endpoint, body: spec.shape }; L80: const esc = await publicClient.readContract({ address: TAP_MARKET, abi: marketAbi, functionName: "escrows", args: [BigInt(spec.listingId), account.address] });
Critical
Credential Exfiltration

Source appears to send environment or credential material to an external endpoint.

server.jsView on unpkg · L19
19Trigger-reachable chain: manifest.bin -> cli.js -> server.js L19: L20: const WALLET_FILE = process.env.TAPMARKET_WALLET ?? new URL("./wallet.json", import.meta.url).pathname; L21: if (!existsSync(WALLET_FILE)) { ... L24: } L25: const wallet = JSON.parse(readFileSync(WALLET_FILE, "utf8")); L26: ... L35: const usdcAbi = parseAbi(["function approve(address,uint256)", "function balanceOf(address) view returns (uint256)"]); L36: const publicClient = createPublicClient({ chain: baseSepolia, transport: http("https://sepolia.base.org") }); L37: const account = await deserializePermissionAccount( ... L78: if (!spec) return { content: [{ type: "text", text: `Unknown specialist '${args.specialist}'. Use list_specialists.` }], isError: true }; L79: const route = { url: spec.endpoint, body: spec.shape }; L80: const esc = await publicClient.readContract({ address: TAP_MARKET, abi: marketAbi, functionName: "escrows", args: [BigInt(spec.listingId), account.address] });
Critical
Trigger Reachable Dangerous Capability

A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.

server.jsView on unpkg · L19
package.jsonView file
scripts registry_only=start
Critical
Manifest Confusion

Tarball package.json differs from the npm registry version manifest for scripts or dependency sets.

package.jsonView on unpkg
dashboard.jsView file
matchType = previous_version_dangerous_delta matchedPackage = tapmarket-connect@0.1.1 matchedIdentity = npm:dGFwbWFya2V0LWNvbm5lY3Q:0.1.1 similarity = 0.400 summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

dashboard.jsView on unpkg

Findings

4 Critical3 Medium4 Low
CriticalCredential Exfiltrationserver.js
CriticalTrigger Reachable Dangerous Capabilityserver.js
CriticalManifest Confusionpackage.json
CriticalPrevious Version Dangerous Deltadashboard.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings