@open-hax/eta-mu-cli
Coding agent CLI with read, bash, edit, write tools and session management
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| semgrep | semgrep:steganography-image-eval | AI (semgrep): Fires on WAD file read in a Doom example extension; no image-based code execution. | ai | |
| semgrep | semgrep:shady-links-raw-ip | AI (semgrep): Raw IP is 127.0.0.1 localhost OAuth redirect URI in an example extension; not exfiltration. | ai | |
| semgrep | semgrep:new-function-constructor | AI (semgrep): Used to load a bundled Doom JS module in an example extension; not user-controlled input. | ai | |
| semgrep | semgrep:base64-decode | AI (semgrep): Decodes base64 image data and writes to disk in an image-gen example; legitimate use. | ai | |
| semgrep | semgrep:child-process-import | AI (semgrep): Used in a notify example extension to send Windows toast notifications via powershell; expected for a CLI tool. | ai | |
| phantom-deps | phantom-dep:marked | AI (phantom-deps): marked is listed as a runtime dependency in package.json; phantom-dep heuristic false positive. | ai |
v0.70.14
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.70.13
2 findingsData read from image file then executed — steganography attack pattern 56 | 57 | // Read WAD file > 58 | const wadData = readFileSync(this.wadPath); 59 | const wadArray = Array.from(new Uint8Array(wadData)); 60 |
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.