@ha-bits/cortex
Cortex - Habits Workflow Executor CLI
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| phantom-deps | phantom-dep:@activepieces/pieces-framework | AI (phantom-deps): Declared dependency; bundled via esbuild into main.cjs. | ai | |
| phantom-deps | phantom-dep:qs | AI (phantom-deps): Declared in package.json dependencies; likely used transitively or in bundled output. | ai | |
| semgrep | semgrep:env-bulk-read | AI (semgrep): Explicitly filters for HABITS_ prefix; reads only expected config vars, not exfiltrating all secrets. | ai | |
| phantom-deps | phantom-dep:@activepieces/pieces-common | AI (phantom-deps): Declared dependency; bundled via esbuild into main.cjs. | ai | |
| phantom-deps | phantom-dep:@activepieces/piece-http | AI (phantom-deps): Declared dependency; bundled via esbuild into main.cjs. | ai | |
| phantom-deps | phantom-dep:winston | AI (phantom-deps): Declared in package.json; likely bundled into main.cjs via esbuild. | ai | |
| phantom-deps | phantom-dep:@ha-bits/bindings | AI (phantom-deps): Same-org monorepo workspace dep; not directly imported in this UI package. | ai | |
| phantom-deps | phantom-dep:@ha-bits/cortex-core | AI (phantom-deps): Same-org monorepo workspace dep; not directly imported in this UI package. | ai | |
| phantom-deps | phantom-dep:@ha-bits/core | AI (phantom-deps): Same-org monorepo workspace dep; not directly imported in this UI package. | ai | |
| semgrep | semgrep:base64-decode | AI (semgrep): Base64 decode is Basic Auth credential parsing — standard HTTP auth pattern. | ai | |
| semgrep | semgrep:env-spread | AI (semgrep): env-spread in exec wrapper is standard pattern for passing env to child processes; not exfiltration. | ai | |
| semgrep | semgrep:child-process-import | AI (semgrep): child_process used for command execution in server bundle; expected for automation/workflow tooling. | ai | |
| semgrep | semgrep:new-function-constructor | AI (semgrep): new Function used for expression evaluation in workflow engine; input is sandboxed via safeContext. | ai | |
| phantom-deps | phantom-dep:uuid | AI (phantom-deps): Declared dependency; heuristic false positive for config-referenced imports. | ai | |
| phantom-deps | phantom-dep:typescript | AI (phantom-deps): Declared dependency; heuristic false positive for config-referenced imports. | ai | |
| phantom-deps | phantom-dep:express | AI (phantom-deps): Declared dependency; heuristic false positive for config-referenced imports. | ai | |
| phantom-deps | phantom-dep:dotenv | AI (phantom-deps): Declared dependency; heuristic false positive for config-referenced imports. | ai | |
| phantom-deps | phantom-dep:croner | AI (phantom-deps): Declared dependency; heuristic false positive for config-referenced imports. | ai | |
| phantom-deps | phantom-dep:yargs | AI (phantom-deps): Declared dependency; heuristic false positive for config-referenced imports. | ai | |
| phantom-deps | phantom-dep:jszip | AI (phantom-deps): Declared dependency; heuristic false positive for config-referenced imports. | ai | |
| phantom-deps | phantom-dep:yaml | AI (phantom-deps): Declared dependency; heuristic false positive for config-referenced imports. | ai | |
Versions (showing 10 of 10)
| Version | Deps | Published |
|---|---|---|
| 1.5.126 | 8 / 9 | |
| 1.5.123 | 8 / 9 | |
| 1.5.122 | 5 / 9 | |
| 1.5.121 | 5 / 9 | |
| 1.5.90 | 5 / 6 | |
| 1.5.89 | 8 / 6 | |
| 1.0.3 | 12 / 6 | |
| 1.0.2 | 12 / 6 | |
| 1.0.1 | 12 / 6 | |
| 1.0.0 | 8 / 6 | |
v1.5.126
1 finding

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.5.123
11 findings

Spreading entire process.env into an object — may capture all secrets
```
260 | const { stdout, stderr } = await execPromise(command, {
261 |   cwd: options.cwd,
> 262 |   env: options.env ? { ...process.env, ...options.env } : void 0,
263 |   timeout: options.timeout,
264 |   maxBuffer: options.maxBuffer || 50 * 1024 * 1024,
```

Spreading entire process.env into an object — may capture all secrets
```
1320 |   // 500MB
1321 |   // Set NODE_OPTIONS to increase heap memory and optimize GC for heavy installs
> 1322 |   env: {
1323 |     ...process.env,
1324 |     NODE_OPTIONS: "--max-old-space-size=16384"
```

Spreading entire process.env into an object — may capture all secrets
```
4658 | const pythonCmd = process.platform === "win32" ? "python" : "python3";
4659 | const proc = (0, import_child_process.spawn)(pythonCmd, [scriptPath], {
> 4660 |   env: { ...process.env },
4661 |   cwd: tmpDir
4662 | });
```

Spreading entire process.env into an object — may capture all secrets
```
4739 | const proc = (0, import_child_process.spawn)("./main", [], {
4740 |   cwd: scriptDir,
> 4741 |   env: { ...process.env }
4742 | });
4743 | let stdout = "";
```

Spreading entire process.env into an object — may capture all secrets
```
4810 | return new Promise((resolve5, reject) => {
4811 |   const proc = (0, import_child_process.spawn)("bash", [scriptPath], {
> 4812 |     env: { ...process.env },
4813 |     cwd: tmpDir
4814 |   });
```

Spreading entire process.env into an object — may capture all secrets
```
244 | const { stdout, stderr } = await execPromise(command, {
245 |   cwd: options.cwd,
> 246 |   env: options.env ? { ...process.env, ...options.env } : void 0,
247 |   timeout: options.timeout,
248 |   maxBuffer: options.maxBuffer || 50 * 1024 * 1024,
```

Spreading entire process.env into an object — may capture all secrets
```
1304 |   // 500MB
1305 |   // Set NODE_OPTIONS to increase heap memory and optimize GC for heavy installs
> 1306 |   env: {
1307 |     ...process.env,
1308 |     NODE_OPTIONS: "--max-old-space-size=16384"
```

Spreading entire process.env into an object — may capture all secrets
```
4647 | const pythonCmd = process.platform === "win32" ? "python" : "python3";
4648 | const proc = spawn2(pythonCmd, [scriptPath], {
> 4649 |   env: { ...process.env },
4650 |   cwd: tmpDir
4651 | });
```

Spreading entire process.env into an object — may capture all secrets
```
4728 | const proc = spawn2("./main", [], {
4729 |   cwd: scriptDir,
> 4730 |   env: { ...process.env }
4731 | });
4732 | let stdout = "";
```

Spreading entire process.env into an object — may capture all secrets
```
4799 | return new Promise((resolve5, reject) => {
4800 |   const proc = spawn2("bash", [scriptPath], {
> 4801 |     env: { ...process.env },
4802 |     cwd: tmpDir
4803 |   });
```

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.5.122
11 findings

Spreading entire process.env into an object — may capture all secrets
```
260 | const { stdout, stderr } = await execPromise(command, {
261 |   cwd: options.cwd,
> 262 |   env: options.env ? { ...process.env, ...options.env } : void 0,
263 |   timeout: options.timeout,
264 |   maxBuffer: options.maxBuffer || 50 * 1024 * 1024,
```

Spreading entire process.env into an object — may capture all secrets
```
1320 |   // 500MB
1321 |   // Set NODE_OPTIONS to increase heap memory and optimize GC for heavy installs
> 1322 |   env: {
1323 |     ...process.env,
1324 |     NODE_OPTIONS: "--max-old-space-size=16384"
```

Spreading entire process.env into an object — may capture all secrets
```
4658 | const pythonCmd = process.platform === "win32" ? "python" : "python3";
4659 | const proc = (0, import_child_process.spawn)(pythonCmd, [scriptPath], {
> 4660 |   env: { ...process.env },
4661 |   cwd: tmpDir
4662 | });
```

Spreading entire process.env into an object — may capture all secrets
```
4739 | const proc = (0, import_child_process.spawn)("./main", [], {
4740 |   cwd: scriptDir,
> 4741 |   env: { ...process.env }
4742 | });
4743 | let stdout = "";
```

Spreading entire process.env into an object — may capture all secrets
```
4810 | return new Promise((resolve5, reject) => {
4811 |   const proc = (0, import_child_process.spawn)("bash", [scriptPath], {
> 4812 |     env: { ...process.env },
4813 |     cwd: tmpDir
4814 |   });
```

Spreading entire process.env into an object — may capture all secrets
```
244 | const { stdout, stderr } = await execPromise(command, {
245 |   cwd: options.cwd,
> 246 |   env: options.env ? { ...process.env, ...options.env } : void 0,
247 |   timeout: options.timeout,
248 |   maxBuffer: options.maxBuffer || 50 * 1024 * 1024,
```

Spreading entire process.env into an object — may capture all secrets
```
1304 |   // 500MB
1305 |   // Set NODE_OPTIONS to increase heap memory and optimize GC for heavy installs
> 1306 |   env: {
1307 |     ...process.env,
1308 |     NODE_OPTIONS: "--max-old-space-size=16384"
```

Spreading entire process.env into an object — may capture all secrets
```
4647 | const pythonCmd = process.platform === "win32" ? "python" : "python3";
4648 | const proc = spawn2(pythonCmd, [scriptPath], {
> 4649 |   env: { ...process.env },
4650 |   cwd: tmpDir
4651 | });
```

Spreading entire process.env into an object — may capture all secrets
```
4728 | const proc = spawn2("./main", [], {
4729 |   cwd: scriptDir,
> 4730 |   env: { ...process.env }
4731 | });
4732 | let stdout = "";
```

Spreading entire process.env into an object — may capture all secrets
```
4799 | return new Promise((resolve5, reject) => {
4800 |   const proc = spawn2("bash", [scriptPath], {
> 4801 |     env: { ...process.env },
4802 |     cwd: tmpDir
4803 |   });
```

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.5.121
1 finding

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.5.90
11 findings

Spreading entire process.env into an object — may capture all secrets
```
260 | const { stdout, stderr } = await execPromise(command, {
261 |   cwd: options.cwd,
> 262 |   env: options.env ? { ...process.env, ...options.env } : void 0,
263 |   timeout: options.timeout,
264 |   maxBuffer: options.maxBuffer || 50 * 1024 * 1024,
```

Spreading entire process.env into an object — may capture all secrets
```
1320 |   // 500MB
1321 |   // Set NODE_OPTIONS to increase heap memory and optimize GC for heavy installs
> 1322 |   env: {
1323 |     ...process.env,
1324 |     NODE_OPTIONS: "--max-old-space-size=16384"
```

Spreading entire process.env into an object — may capture all secrets
```
4127 | const pythonCmd = process.platform === "win32" ? "python" : "python3";
4128 | const proc = (0, import_child_process.spawn)(pythonCmd, [scriptPath], {
> 4129 |   env: { ...process.env },
4130 |   cwd: tmpDir
4131 | });
```

Spreading entire process.env into an object — may capture all secrets
```
4208 | const proc = (0, import_child_process.spawn)("./main", [], {
4209 |   cwd: scriptDir,
> 4210 |   env: { ...process.env }
4211 | });
4212 | let stdout = "";
```

Spreading entire process.env into an object — may capture all secrets
```
4279 | return new Promise((resolve5, reject) => {
4280 |   const proc = (0, import_child_process.spawn)("bash", [scriptPath], {
> 4281 |     env: { ...process.env },
4282 |     cwd: tmpDir
4283 |   });
```

Spreading entire process.env into an object — may capture all secrets
```
244 | const { stdout, stderr } = await execPromise(command, {
245 |   cwd: options.cwd,
> 246 |   env: options.env ? { ...process.env, ...options.env } : void 0,
247 |   timeout: options.timeout,
248 |   maxBuffer: options.maxBuffer || 50 * 1024 * 1024,
```

Spreading entire process.env into an object — may capture all secrets
```
1304 |   // 500MB
1305 |   // Set NODE_OPTIONS to increase heap memory and optimize GC for heavy installs
> 1306 |   env: {
1307 |     ...process.env,
1308 |     NODE_OPTIONS: "--max-old-space-size=16384"
```

Spreading entire process.env into an object — may capture all secrets
```
4117 | const pythonCmd = process.platform === "win32" ? "python" : "python3";
4118 | const proc = spawn2(pythonCmd, [scriptPath], {
> 4119 |   env: { ...process.env },
4120 |   cwd: tmpDir
4121 | });
```

Spreading entire process.env into an object — may capture all secrets
```
4198 | const proc = spawn2("./main", [], {
4199 |   cwd: scriptDir,
> 4200 |   env: { ...process.env }
4201 | });
4202 | let stdout = "";
```

Spreading entire process.env into an object — may capture all secrets
```
4269 | return new Promise((resolve5, reject) => {
4270 |   const proc = spawn2("bash", [scriptPath], {
> 4271 |     env: { ...process.env },
4272 |     cwd: tmpDir
4273 |   });
```

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.5.89
11 findings

Spreading entire process.env into an object — may capture all secrets
```
260 | const { stdout, stderr } = await execPromise(command, {
261 |   cwd: options.cwd,
> 262 |   env: options.env ? { ...process.env, ...options.env } : void 0,
263 |   timeout: options.timeout,
264 |   maxBuffer: options.maxBuffer || 50 * 1024 * 1024,
```

Spreading entire process.env into an object — may capture all secrets
```
1320 |   // 500MB
1321 |   // Set NODE_OPTIONS to increase heap memory and optimize GC for heavy installs
> 1322 |   env: {
1323 |     ...process.env,
1324 |     NODE_OPTIONS: "--max-old-space-size=16384"
```

Spreading entire process.env into an object — may capture all secrets
```
4130 | const pythonCmd = process.platform === "win32" ? "python" : "python3";
4131 | const proc = (0, import_child_process.spawn)(pythonCmd, [scriptPath], {
> 4132 |   env: { ...process.env },
4133 |   cwd: tmpDir
4134 | });
```

Spreading entire process.env into an object — may capture all secrets
```
4211 | const proc = (0, import_child_process.spawn)("./main", [], {
4212 |   cwd: scriptDir,
> 4213 |   env: { ...process.env }
4214 | });
4215 | let stdout = "";
```

Spreading entire process.env into an object — may capture all secrets
```
4282 | return new Promise((resolve5, reject) => {
4283 |   const proc = (0, import_child_process.spawn)("bash", [scriptPath], {
> 4284 |     env: { ...process.env },
4285 |     cwd: tmpDir
4286 |   });
```

Spreading entire process.env into an object — may capture all secrets
```
244 | const { stdout, stderr } = await execPromise(command, {
245 |   cwd: options.cwd,
> 246 |   env: options.env ? { ...process.env, ...options.env } : void 0,
247 |   timeout: options.timeout,
248 |   maxBuffer: options.maxBuffer || 50 * 1024 * 1024,
```

Spreading entire process.env into an object — may capture all secrets
```
1304 |   // 500MB
1305 |   // Set NODE_OPTIONS to increase heap memory and optimize GC for heavy installs
> 1306 |   env: {
1307 |     ...process.env,
1308 |     NODE_OPTIONS: "--max-old-space-size=16384"
```

Spreading entire process.env into an object — may capture all secrets
```
4120 | const pythonCmd = process.platform === "win32" ? "python" : "python3";
4121 | const proc = spawn2(pythonCmd, [scriptPath], {
> 4122 |   env: { ...process.env },
4123 |   cwd: tmpDir
4124 | });
```

Spreading entire process.env into an object — may capture all secrets
```
4201 | const proc = spawn2("./main", [], {
4202 |   cwd: scriptDir,
> 4203 |   env: { ...process.env }
4204 | });
4205 | let stdout = "";
```

Spreading entire process.env into an object — may capture all secrets
```
4272 | return new Promise((resolve5, reject) => {
4273 |   const proc = spawn2("bash", [scriptPath], {
> 4274 |     env: { ...process.env },
4275 |     cwd: tmpDir
4276 |   });
```

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.3
4 findings

Spreading entire process.env into an object — may capture all secrets
```
1904 | const pythonCmd = process.platform === "win32" ? "python" : "python3";
1905 | const proc = (0, import_child_process3.spawn)(pythonCmd, [scriptPath], {
> 1906 |   env: { ...process.env },
1907 |   cwd: tmpDir
1908 | });
```

Spreading entire process.env into an object — may capture all secrets
```
1985 | const proc = (0, import_child_process3.spawn)("./main", [], {
1986 |   cwd: scriptDir,
> 1987 |   env: { ...process.env }
1988 | });
1989 | let stdout = "";
```

Spreading entire process.env into an object — may capture all secrets
```
2056 | return new Promise((resolve5, reject) => {
2057 |   const proc = (0, import_child_process3.spawn)("bash", [scriptPath], {
> 2058 |     env: { ...process.env },
2059 |     cwd: tmpDir
2060 |   });
```

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.2
4 findings

Spreading entire process.env into an object — may capture all secrets
```
1896 | const pythonCmd = process.platform === "win32" ? "python" : "python3";
1897 | const proc = (0, import_child_process3.spawn)(pythonCmd, [scriptPath], {
> 1898 |   env: { ...process.env },
1899 |   cwd: tmpDir
1900 | });
```

Spreading entire process.env into an object — may capture all secrets
```
1977 | const proc = (0, import_child_process3.spawn)("./main", [], {
1978 |   cwd: scriptDir,
> 1979 |   env: { ...process.env }
1980 | });
1981 | let stdout = "";
```

Spreading entire process.env into an object — may capture all secrets
```
2048 | return new Promise((resolve5, reject) => {
2049 |   const proc = (0, import_child_process3.spawn)("bash", [scriptPath], {
> 2050 |     env: { ...process.env },
2051 |     cwd: tmpDir
2052 |   });
```

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.1
4 findings

Spreading entire process.env into an object — may capture all secrets
```
1896 | const pythonCmd = process.platform === "win32" ? "python" : "python3";
1897 | const proc = (0, import_child_process3.spawn)(pythonCmd, [scriptPath], {
> 1898 |   env: { ...process.env },
1899 |   cwd: tmpDir
1900 | });
```

Spreading entire process.env into an object — may capture all secrets
```
1977 | const proc = (0, import_child_process3.spawn)("./main", [], {
1978 |   cwd: scriptDir,
> 1979 |   env: { ...process.env }
1980 | });
1981 | let stdout = "";
```

Spreading entire process.env into an object — may capture all secrets
```
2048 | return new Promise((resolve5, reject) => {
2049 |   const proc = (0, import_child_process3.spawn)("bash", [scriptPath], {
> 2050 |     env: { ...process.env },
2051 |     cwd: tmpDir
2052 |   });
```

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.0
4 findings

Spreading entire process.env into an object — may capture all secrets
```
1896 | const pythonCmd = process.platform === "win32" ? "python" : "python3";
1897 | const proc = (0, import_child_process3.spawn)(pythonCmd, [scriptPath], {
> 1898 |   env: { ...process.env },
1899 |   cwd: tmpDir
1900 | });
```

Spreading entire process.env into an object — may capture all secrets
```
1977 | const proc = (0, import_child_process3.spawn)("./main", [], {
1978 |   cwd: scriptDir,
> 1979 |   env: { ...process.env }
1980 | });
1981 | let stdout = "";
```

Spreading entire process.env into an object — may capture all secrets
```
2048 | return new Promise((resolve5, reject) => {
2049 |   const proc = (0, import_child_process3.spawn)("bash", [scriptPath], {
> 2050 |     env: { ...process.env },
2051 |     cwd: tmpDir
2052 |   });
```

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.