
theokit@0.14.0

⚠ Under review

Static Scan Results

scanned 2h ago · by rust-scanner

Static analysis flagged 13 finding(s) at 93.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected; previous stored version diff introduced dangerous source.

Decision evidence (public snapshot)

Behavioral surface
  Source: Child Process, Crypto, Dynamic Require, Environment Vars, Filesystem, Network, Shell
  Supply chain: High Entropy Strings, Obfuscated, Url Strings
  Manifest: No manifest risk signals triggered.

scanned 139 file(s), 954 KB of source, external domains: api.anthropic.com, api.openai.com, cdn.jsdelivr.net, openrouter.ai, theokit.dev

Source & flagged code

5 flagged

dist/router-TLEAOFID.js (L4)
  L4: // src/cli/commands/migrate/router.ts
  L5: import { execFileSync } from "child_process";
  L6: import { existsSync, mkdirSync, readFileSync, renameSync, writeFileSync } from "fs";
High · Child Process
Package source references child process execution.

dist/router-TLEAOFID.js (L44)
  L44: const fromSub = (_m, q, spec) => `from ${q}${transformSpecifier(spec)}${q}`;
  L45: const dynSub = (_m, q, spec) => `import(${q}${transformSpecifier(spec)}${q})`;
  L46: const sideSub = (_m, q, spec) => `import ${q}${transformSpecifier(spec)}${q}`;
Medium · Dynamic Require
Package source references dynamic require/import behavior.

dist/chunk-45C3WUQ7.js (L514)
  L514: cwd,
  L515: shell: true,
  L516: env,
High · Shell
Package source references shell execution.

dist/db-3UNAMSFK.js (L33)
  L33: console.log("\n \u25B8 Running drizzle-kit push...\n");
  L34: execSync("npx drizzle-kit push", { cwd, stdio: "inherit" });
  L35: return { status: "success", message: "Database migrated successfully", action: dbAction };
High · Runtime Package Install
Package source invokes a package manager install command at runtime.

dist/chunk-2J7XU3PW.js
  matchType = previous_version_dangerous_delta
  matchedPackage = theokit@0.12.1
  matchedIdentity = npm:dGhlb2tpdA:0.12.1
  similarity = 0.758
  summary = stored previous version shares package body but lacks this dangerous source file
Critical · Previous Version Dangerous Delta
This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

Findings

1 Critical · 3 High · 4 Medium · 5 Low

Critical · Previous Version Dangerous Delta · dist/chunk-2J7XU3PW.js
High · Child Process · dist/router-TLEAOFID.js
High · Shell · dist/chunk-45C3WUQ7.js
High · Runtime Package Install · dist/db-3UNAMSFK.js
Medium · Dynamic Require · dist/router-TLEAOFID.js
Medium · Network
Medium · Environment Vars
Medium · Structural Risk Force Deep Review
Low · Scripts Present
Low · Filesystem
Low · Obfuscated
Low · High Entropy Strings
Low · Url Strings
theokit: Suspicious npm security report (Warn) | LPM Firewall