@sternrassler/pi-coding-agent
Coding agent CLI with read, bash, edit, write tools and session management
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| semgrep | semgrep:steganography-image-eval | AI (semgrep): Doom WAD file loading in examples/extensions — not a steganography attack. | ai | |
| semgrep | semgrep:shady-links-raw-ip | AI (semgrep): 127.0.0.1 localhost OAuth redirect in example extension; benign. | ai | |
| semgrep | semgrep:new-function-constructor | AI (semgrep): Doom JS module loader in examples/extensions; not runtime core code. | ai | |
| semgrep | semgrep:child-process-import | AI (semgrep): Desktop notification helper in examples/extensions; benign use of execFile. | ai | |
| semgrep | semgrep:base64-decode | AI (semgrep): Image generation example writing base64-decoded image to file; benign. | ai |
Versions (showing 1 of 1)
| Version | Deps | Published |
|---|---|---|
| 0.70.8 | 21 / 8 |
v0.70.8
2 findingsData read from image file then executed — steganography attack pattern Source: https://github.com/badlogic/pi-mono/blob/a83b7880ade46b9a62309f5103c809525f15dda2/examples/extensions/doom-overlay/doom-engine.ts#L58 56 | 57 | // Read WAD file > 58 | const wadData = readFileSync(this.wadPath); 59 | const wadArray = Array.from(new Uint8Array(wadData)); 60 |
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.