registry  /  typebulb  /  0.19.5

typebulb@0.19.5

⚠ Under review

Typebulb CLI to run single-file markdown apps called bulbs, either as standalone web apps or embedded in agent responses.

Static Scan Results

scanned 7d ago · by rust-scanner

Static analysis flagged 17 finding(s) at 93.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsEvalFilesystemNetworkShell
Supply chain
HighEntropyStringsMinifiedObfuscatedUrlStrings
ManifestNo manifest risk signals triggered.
scanned 49 file(s), 1.42 MB of source, external domains: api.anthropic.com, api.openai.com, api.typebulb.com, cdn.jsdelivr.net, cdn.skypack.dev, data.jsdelivr.com, esm.sh, generativelanguage.googleapis.com, openrouter.ai, registry.npmjs.org, unpkg.com
Oversized source lightweight scan
dist/agents/claude/client.js2.42 MB file, sampled 256 KB
NetworkChildProcessEvalObfuscatedHighEntropyStringsUrlStringscdn.skypack.devunpkg.com
dist/agents/pi/client.js2.41 MB file, sampled 256 KB
NetworkChildProcessEvalHighEntropyStringsUrlStringscdn.skypack.devunpkg.com

Source & flagged code

8 flagged · loading source
dist/servers.jsView file
139`)+1;for(;t!==0;)this.onNewLine(this.offset+t),t=this.source.indexOf(` L140: `,t)+1}return{type:e,offset:this.offset,indent:this.indent,source:this.source}}startBlockValue(e){switch(this.type){case"alias":case"scalar":case"single-quoted-scalar":case"double-... L141: `),t=0;if(e[t]?.trim()!=="---")return null;t++;let n=[];for(;t<e.length&&e[t]?.trim()!=="---";)n.push(e[t]),t++;if(e[t]?.trim()!=="---")return null;t++;let i=Ca(n);if(!i)return nul...
High
Child Process

Package source references child process execution.

dist/servers.jsView on unpkg · L139
139`)+1;for(;t!==0;)this.onNewLine(this.offset+t),t=this.source.indexOf(` L140: `,t)+1}return{type:e,offset:this.offset,indent:this.indent,source:this.source}}startBlockValue(e){switch(this.type){case"alias":case"scalar":case"single-quoted-scalar":case"double-... L141: `),t=0;if(e[t]?.trim()!=="---")return null;t++;let n=[];for(;t<e.length&&e[t]?.trim()!=="---";)n.push(e[t]),t++;if(e[t]?.trim()!=="---")return null;t++;let i=Ca(n);if(!i)return nul... ... L147: `)}var ad=aa(Wo(),1);function Zt(s){return{...si(s),server:s.files.get("server.ts")??""}}function Go(s){return!!s.server&&!s.code}function es(s){let e=/^---[^\n]*\n([\s\S]*?)\n---/... L148: `)).map(e=>e.root)}function wd(s){let e=fe(s);if(!e)return s;let t=e.files.get("code.tsx");if(!t)return s;let n=zo(t);if(!n.length)return s;let i=e.files.get("config.json"),r={};if...
High
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution; review context before blocking.

dist/servers.jsView on unpkg · L139
dist/index.jsView file
matchType = previous_version_dangerous_delta matchedPackage = typebulb@0.18.7 matchedIdentity = npm:dHlwZWJ1bGI:0.18.7 similarity = 0.356 summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version.

dist/index.jsView on unpkg
355const child = spawn(command, { L356: shell: true, L357: stdio: ["ignore", "pipe", "ignore"],
High
Shell

Package source references shell execution.

dist/index.jsView on unpkg · L355
323L324: **Fix:** Replace all \`require()\` calls with ES6 \`import\` statements at the top of the file.`}var ct,lt,Kw,Ww,hs=R(()=>{ct=["client"],lt=["client","server"],Kw=[{type:"DYNAMIC_I... L325: `)}var Kt,Nv,_v,Iv,Jt,Ks,Wt=R(()=>{Kt={anthropic:"ANTHROPIC_API_KEY",openai:"OPENAI_API_KEY",gemini:"GOOGLE_API_KEY",openrouter:"OPENROUTER_API_KEY"};Nv="https://api.typebulb.com/a... L326: `),n=[];if(t.forEach((o,a)=>{let c=vS(o);c!==void 0&&n.push({id:c,idx:a})}),!n.length)return e==="latest"?r:"";let s=e==="latest"?n[n.length-1]:n.find(o=>o.id===e);if(!s)return"";l... L327: `)}function Va(r){try{return process.kill(r,0),!0}catch(e){return e.code==="EPERM"}}async function ni(r){await gS(Ne(),{recursive:!0}),await rp(Ja(r.pid),JSON.stringify(r))}async f... L328: \u2026[${r.length-5e4} more characters truncated]`:r}var ii,oi=R(()=>{ii=(r,e)=>`![pasted image](data:${e||"image/png"};base64,${r})`});import{existsSync as AS,readdirSync as TS,st... L329: `):r==null?"":ve(JSON.stringify(r))}function DS(r){let e=r.trim();return!!e&&mp.some(t=>t.test(e))}function BS(r){let e=r.trim();return e?mp.some(t=>{let n=t.exec(e);return!!n&&n.i...
High
Command Output Exfiltration

Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.

dist/index.jsView on unpkg · L323
2import { createRequire as __cr } from 'module'; const require = __cr(import.meta.url); L3: var Jm=Object.create;var Oi=Object.defineProperty;var Km=Object.getOwnPropertyDescriptor;var Wm=Object.getOwnPropertyNames;var Hm=Object.getPrototypeOf,Vm=Object.prototype.hasOwnPr... L4: `),t=0;if(e[t]?.trim()!=="---")return null;t++;let n=[];for(;t<e.length&&e[t]?.trim()!=="---";)n.push(e[t]),t++;if(e[t]?.trim()!=="---")return null;t++;let s=ah(n);if(!s)return nul... ... L9: ${o}`});return["---",`format: ${Kc}`,`name: ${Ni(r.name)}`,"---","",...e].join(` L10: `)}var Xc=R(()=>{hn();gn()});function Zc(r){if(!r.trim())return{};try{return JSON.parse(r)}catch{return{}}}var el=R(()=>{});var tl=R(()=>{});function Ii(r,e,t){let s=new RegExp(e).... L11: >/]`,i);if(n&&console.log("[xml-utils] start:",o),o===-1)return;let a=r.slice(o+e.length),c=ir(a,"^[^<]*[ /]>",0),l=c!==-1&&a[c-1]==="/";if(n&&console.log("[xml-utils] selfClosing:... ... L181: \`\`\`typescript L182: import React from "https://esm.sh/react" L183: import _ from "https://cdn.skypack.dev/lodash" ... L295: L296: **CRITICAL**: \`window.location\` changes, \`window.open()\`, and page reloads will break the app. L297:
Low
Weak Crypto

Package source references weak cryptographic algorithms.

dist/index.jsView on unpkg · L2
dist/render.jsView file
275`);return a===-1&&(a=i.length,i+=` L276: `),{code:i.slice(0,a+1)+s+i.slice(a+1)+n,mappings:this.shiftMappings(o.mappings,s.length)}}else return{code:s+i+n,mappings:this.shiftMappings(o.mappings,s.length)}}processBalancedC... L277: `);for(let a=0;a<i.length;a++){let l=i[a],u=a+1;for(let f of ek)f.targets.includes(s)&&f.pattern.test(l)&&o.push({type:f.type,severity:"error",message:ik(f.type,u),lineNumber:u,lin...
Low
Eval

Package source references a known benign dynamic code generation pattern.

dist/render.jsView on unpkg · L275
dist/agents/claude/client.jsView file
path = dist/agents/claude/client.js kind = oversized_source_file sizeBytes = 2539323 magicHex = [redacted]
High
Oversized Source File

Package contains source files above the static scanner size ceiling.

dist/agents/claude/client.jsView on unpkg

Findings

1 Critical5 High3 Medium8 Low
CriticalPrevious Version Dangerous Deltadist/index.js
HighChild Processdist/servers.js
HighShelldist/index.js
HighSame File Env Network Executiondist/servers.js
HighCommand Output Exfiltrationdist/index.js
HighOversized Source Filedist/agents/claude/client.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowEvaldist/render.js
LowWeak Cryptodist/index.js
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings