registry  /  zcode-starterkit  /  1.7.7

zcode-starterkit@1.7.7

Global baseline (ZCode plugins) + thin project overlay installer for ZCode Agent.

Static Scan Results

scanned 7h ago · by rust-scanner

Static analysis flagged 12 finding(s) at 93.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessEnvironmentVarsEvalFilesystemNetworkShell
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 38 file(s), 859 KB of source, external domains: api.github.com, context7.com, github.com, grep.app, json-schema.org, json.schemastore.org, prompts.chat, raw.githubusercontent.com, spec.openapis.org, stackoverflow.com, token.v-claw.org, tools.ietf.org, www.safaribooksonline.com, www.w3.org

Source & flagged code

5 flagged · loading source
baseline/mcp-tools/dist/mcp/server.jsView file
2941sourceCode = this.opts.code.process(sourceCode, sch); L2942: const makeValidate = new Function(`${names_1.default.self}`, `${names_1.default.scope}`, sourceCode); L2943: const validate = makeValidate(this, this.scope.get());
Low
Eval

Package source references a known benign dynamic code generation pattern.

baseline/mcp-tools/dist/mcp/server.jsView on unpkg · L2941
src/rtk.mjsView file
13import path from 'node:path' L14: import { spawnSync } from 'node:child_process' L15: import { ensureDir, exists } from './fs-utils.mjs' ... L18: export const RTK_REPO = 'rtk-ai/rtk' L19: export const RTK_INSTALL_COMMAND = 'curl -fsSL https://raw.githubusercontent.com/rtk-[redacted].sh | sh' L20: export const RTK_FALLBACK_INSTALL_COMMAND = 'cargo install --git https://github.com/rtk-ai/rtk' ... L25: if (!exists(filePath)) return fallback L26: return JSON.parse(fs.readFileSync(filePath, 'utf8')) L27: } catch { ... L55: L56: function pathEntries(env = process.env, platform = process.platform) { L57: const delimiter = platform === 'win32' ? ';' : ':'
High
Sandbox Evasion Gated Capability

Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.

src/rtk.mjsView on unpkg · L13
matchType = previous_version_dangerous_delta matchedPackage = zcode-starterkit@1.7.2 matchedIdentity = npm:emNvZGUtc3RhcnRlcmtpdA:1.7.2 similarity = 0.800 summary = stored previous version shares package body but lacks this dangerous source file
High
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

src/rtk.mjsView on unpkg
baseline/hooks-plugin/hooks/guard.cmdView file
path = baseline/hooks-plugin/hooks/guard.cmd kind = build_helper sizeBytes = 207 magicHex = [redacted]
Medium
Ships Build Helper

Package ships non-JavaScript build or shell helper files.

baseline/hooks-plugin/hooks/guard.cmdView on unpkg
baseline/skills/security-and-hardening/SKILL.mdView file
104patternName = generic_password severity = medium line = 104 matchedText = console.... });
Medium
Secret Pattern

Hardcoded password in baseline/skills/security-and-hardening/SKILL.md

baseline/skills/security-and-hardening/SKILL.mdView on unpkg · L104

Findings

2 High5 Medium5 Low
HighSandbox Evasion Gated Capabilitysrc/rtk.mjs
HighPrevious Version Dangerous Deltasrc/rtk.mjs
MediumNetwork
MediumEnvironment Vars
MediumShips Build Helperbaseline/hooks-plugin/hooks/guard.cmd
MediumStructural Risk Force Deep Review
MediumSecret Patternbaseline/skills/security-and-hardening/SKILL.md
LowScripts Present
LowEvalbaseline/mcp-tools/dist/mcp/server.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings