registry  /  typebulb  /  0.19.3

typebulb@0.19.3

⚠ Under review

Typebulb CLI to run single-file markdown apps called bulbs, either as standalone web apps or embedded in agent responses.

Static Scan Results

scanned 8d ago · by rust-scanner

Static analysis flagged 17 finding(s) at 93.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsEvalFilesystemNetworkShell
Supply chain
HighEntropyStringsMinifiedObfuscatedUrlStrings
ManifestNo manifest risk signals triggered.
scanned 50 file(s), 1.43 MB of source, external domains: api.anthropic.com, api.openai.com, api.typebulb.com, cdn.jsdelivr.net, cdn.skypack.dev, data.jsdelivr.com, esm.sh, generativelanguage.googleapis.com, openrouter.ai, registry.npmjs.org, unpkg.com
Oversized source lightweight scan
dist/agents/claude/client.js2.42 MB file, sampled 256 KB
NetworkChildProcessEvalObfuscatedHighEntropyStringsUrlStringscdn.skypack.devunpkg.com
dist/agents/pi/client.js2.41 MB file, sampled 256 KB
NetworkChildProcessEvalHighEntropyStringsUrlStringscdn.skypack.devunpkg.com

Source & flagged code

8 flagged · loading source
dist/servers.jsView file
139`)+1;for(;t!==0;)this.onNewLine(this.offset+t),t=this.source.indexOf(` L140: `,t)+1}return{type:e,offset:this.offset,indent:this.indent,source:this.source}}startBlockValue(e){switch(this.type){case"alias":case"scalar":case"single-quoted-scalar":case"double-... L141: `),t=0;if(e[t]?.trim()!=="---")return null;t++;let n=[];for(;t<e.length&&e[t]?.trim()!=="---";)n.push(e[t]),t++;if(e[t]?.trim()!=="---")return null;t++;let i=Ca(n);if(!i)return nul...
High
Child Process

Package source references child process execution.

dist/servers.jsView on unpkg · L139
139`)+1;for(;t!==0;)this.onNewLine(this.offset+t),t=this.source.indexOf(` L140: `,t)+1}return{type:e,offset:this.offset,indent:this.indent,source:this.source}}startBlockValue(e){switch(this.type){case"alias":case"scalar":case"single-quoted-scalar":case"double-... L141: `),t=0;if(e[t]?.trim()!=="---")return null;t++;let n=[];for(;t<e.length&&e[t]?.trim()!=="---";)n.push(e[t]),t++;if(e[t]?.trim()!=="---")return null;t++;let i=Ca(n);if(!i)return nul... ... L147: `)}var ad=aa(Wo(),1);function ts(s){return{...si(s),server:s.files.get("server.ts")??""}}function Go(s){return!!s.server&&!s.code}function ss(s){let e=/^---[^\n]*\n([\s\S]*?)\n---/... L148: `))for(let i of yd)for(let r of n.matchAll(i)){let o=bd(r[1]);o&&!t.has(o)&&(t.add(o),e.push(o))}return e}function Sd(s){let e=de(s);if(!e)return s;let t=e.files.get("code.tsx");if...
High
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution; review context before blocking.

dist/servers.jsView on unpkg · L139
dist/index.jsView file
matchType = previous_version_dangerous_delta matchedPackage = typebulb@0.18.7 matchedIdentity = npm:dHlwZWJ1bGI:0.18.7 similarity = 0.848 summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version.

dist/index.jsView on unpkg
355const child = spawn(command, { L356: shell: true, L357: stdio: ["ignore", "pipe", "ignore"],
High
Shell

Package source references shell execution.

dist/index.jsView on unpkg · L355
323L324: **Fix:** Replace all \`require()\` calls with ES6 \`import\` statements at the top of the file.`}var it,ot,Ww,rd,xs=C(()=>{it=["client"],ot=["client","server"],Ww=[{type:"DYNAMIC_I... L325: `)}var Jt,$v,Mv,Dv,Ut,Ks,Kt=C(()=>{Jt={anthropic:"ANTHROPIC_API_KEY",openai:"OPENAI_API_KEY",gemini:"GOOGLE_API_KEY",openrouter:"OPENROUTER_API_KEY"};$v="https://api.typebulb.com/a... L326: `),n=[];if(t.forEach((o,a)=>{let c=AS(o);c!==void 0&&n.push({id:c,idx:a})}),!n.length)return e==="latest"?r:"";let s=e==="latest"?n[n.length-1]:n.find(o=>o.id===e);if(!s)return"";l... L327: `)}function za(r){try{return process.kill(r,0),!0}catch(e){return e.code==="EPERM"}}async function ni(r){await SS(Ne(),{recursive:!0}),await np(Va(r.pid),JSON.stringify(r))}async f... L328: \u2026[${r.length-5e4} more characters truncated]`:r}var oi,ai=C(()=>{oi=(r,e)=>`![pasted image](data:${e||"image/png"};base64,${r})`});import{existsSync as RS,readdirSync as NS,st... L329: `):r==null?"":ke(JSON.stringify(r))}function US(r){let e=r.trim();return!!e&&hp.some(t=>t.test(e))}function JS(r){let e=r.trim();return e?hp.some(t=>{let n=t.exec(e);return!!n&&n.i...
High
Command Output Exfiltration

Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.

dist/index.jsView on unpkg · L323
2import { createRequire as __cr } from 'module'; const require = __cr(import.meta.url); L3: var Km=Object.create;var Ni=Object.defineProperty;var Wm=Object.getOwnPropertyDescriptor;var Hm=Object.getOwnPropertyNames;var Vm=Object.getPrototypeOf,Ym=Object.prototype.hasOwnPr... L4: `),t=0;if(e[t]?.trim()!=="---")return null;t++;let n=[];for(;t<e.length&&e[t]?.trim()!=="---";)n.push(e[t]),t++;if(e[t]?.trim()!=="---")return null;t++;let s=ch(n);if(!s)return nul... ... L9: ${o}`});return["---",`format: ${Hc}`,`name: ${$i(r.name)}`,"---","",...e].join(` L10: `)}var el=C(()=>{xn();kn()});function tl(r){if(!r.trim())return{};try{return JSON.parse(r)}catch{return{}}}var rl=C(()=>{});var nl=C(()=>{});function Di(r,e,t){let s=new RegExp(e).... L11: >/]`,i);if(n&&console.log("[xml-utils] start:",o),o===-1)return;let a=r.slice(o+e.length),c=sr(a,"^[^<]*[ /]>",0),l=c!==-1&&a[c-1]==="/";if(n&&console.log("[xml-utils] selfClosing:... ... L181: \`\`\`typescript L182: import React from "https://esm.sh/react" L183: import _ from "https://cdn.skypack.dev/lodash" ... L295: L296: **CRITICAL**: \`window.location\` changes, \`window.open()\`, and page reloads will break the app. L297:
Low
Weak Crypto

Package source references weak cryptographic algorithms.

dist/index.jsView on unpkg · L2
dist/render.jsView file
275`);return a===-1&&(a=i.length,i+=` L276: `),{code:i.slice(0,a+1)+s+i.slice(a+1)+n,mappings:this.shiftMappings(o.mappings,s.length)}}else return{code:s+i+n,mappings:this.shiftMappings(o.mappings,s.length)}}processBalancedC... L277: `);for(let a=0;a<i.length;a++){let l=i[a],u=a+1;for(let f of zy)f.targets.includes(s)&&f.pattern.test(l)&&o.push({type:f.type,severity:"error",message:nk(f.type,u),lineNumber:u,lin...
Low
Eval

Package source references a known benign dynamic code generation pattern.

dist/render.jsView on unpkg · L275
dist/agents/claude/client.jsView file
path = dist/agents/claude/client.js kind = oversized_source_file sizeBytes = 2540846 magicHex = [redacted]
High
Oversized Source File

Package contains source files above the static scanner size ceiling.

dist/agents/claude/client.jsView on unpkg

Findings

1 Critical5 High3 Medium8 Low
CriticalPrevious Version Dangerous Deltadist/index.js
HighChild Processdist/servers.js
HighShelldist/index.js
HighSame File Env Network Executiondist/servers.js
HighCommand Output Exfiltrationdist/index.js
HighOversized Source Filedist/agents/claude/client.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowEvaldist/render.js
LowWeak Cryptodist/index.js
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings